Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2014-7810 (GCVE-0-2014-7810)
Vulnerability from cvelistv5
Published
2015-06-07 23:00
Modified
2024-08-06 13:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:26.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:0492",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"name": "USN-2654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"name": "RHSA-2015:1622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"name": "DSA-3530",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-7.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"name": "HPSBUX03561",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"name": "RHSA-2016:2046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-8.html"
},
{
"name": "DSA-3428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "74665",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74665"
},
{
"name": "1032330",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032330"
},
{
"name": "USN-2655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"name": "RHSA-2015:1621",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"name": "DSA-3447",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-13T16:10:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:0492",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"name": "USN-2654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"name": "RHSA-2015:1622",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"name": "DSA-3530",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-7.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"name": "HPSBUX03561",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"name": "RHSA-2016:2046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-8.html"
},
{
"name": "DSA-3428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "74665",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74665"
},
{
"name": "1032330",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032330"
},
{
"name": "USN-2655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"name": "RHSA-2015:1621",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"name": "DSA-3447",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:0492",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"name": "USN-2654-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"name": "RHSA-2015:1622",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"name": "DSA-3530",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"name": "http://tomcat.apache.org/security-7.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-7.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"name": "HPSBUX03561",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"name": "RHSA-2016:2046",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"name": "http://tomcat.apache.org/security-8.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-8.html"
},
{
"name": "DSA-3428",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"name": "http://tomcat.apache.org/security-6.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "74665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74665"
},
{
"name": "1032330",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032330"
},
{
"name": "USN-2655-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"name": "RHSA-2015:1621",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"name": "DSA-3447",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-7810",
"datePublished": "2015-06-07T23:00:00",
"dateReserved": "2014-10-03T00:00:00",
"dateUpdated": "2024-08-06T13:03:26.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-7810\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-06-07T23:59:03.580\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protecci\u00f3n SecurityManager a trav\u00e9s de una aplicaci\u00f3n web que aprovecha el uso de privilegios incorrectos durante la evaluaci\u00f3n EL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC82871-E47F-4431-AAE0-A714D7D22670\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1644018\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1645642\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1644018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1645642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2019-AVI-138
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Snapshot (anciennement Tivoli Storage FlashCopy Manager) pour VMware versions ant\u00e9rieures \u00e0 4.1.6.7",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Watson Compare and Comply versions ant\u00e9rieures \u00e0 V1.1.4",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8039"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
}
],
"initial_release_date": "2019-04-01T00:00:00",
"last_revision_date": "2019-04-01T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-138",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-04-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10869814 du 29 mars 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10869814"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10876202 du 29 mars 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10876202"
}
]
}
CERTFR-2019-AVI-186
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM WebSphere. Elles permettent à un attaquant de provoquer un déni de service à distance et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Control Center versions 6.1.0.0 \u00e0 6.1.2.0 iFix01",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 4.2.0.0 \u00e0 4.2.3.13",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 5.0.0.0 \u00e0 5.0.2.3",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Control Center versions 6.0.0.0 \u00e0 6.0.0.2 iFix05",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1767"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2018-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3169"
}
],
"initial_release_date": "2019-04-25T00:00:00",
"last_revision_date": "2019-04-25T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-186",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-04-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM WebSphere.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance et une injection de code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM WebSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10878268 du 24 avril 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10878268"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10881456 du 24 avril 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10881456"
}
]
}
CERTFR-2022-AVI-568
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5 sans le correctif de sécurité 7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113 | ||
| IBM | N/A | IBM Disconnected Log Collector versions 1.x antérieures à 1.7.3 | ||
| IBM | N/A | IBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) versions 10.0.0.x antérieures à 10.0.0.2 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.4 sans le correctif de sécurité 7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.3 sans le correctif de sécurité 7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209 | ||
| IBM | N/A | IBM Rational Test Control Panel component in Rational Test Workbench toutes versions sans le correctif de sécurité Rational-RTCP-<product-name>-<product-version>-CVE-2022-22965-ifix | ||
| IBM | N/A | IBM Analytic Accelerator Framework for Communication Service Providers (AAF) versions 4.0.0.x antérieures à 4.0.0.2 | ||
| IBM | N/A | IBM Rational Test Control Panel component in Rational Test Virtualization Server toutes versions sans le correctif de sécurité Rational-RTCP-<product-name>-<product-version>-CVE-2022-22965-ifix |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions 7.5 sans le correctif de s\u00e9curit\u00e9 7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Disconnected Log Collector versions 1.x ant\u00e9rieures \u00e0 1.7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) versions 10.0.0.x ant\u00e9rieures \u00e0 10.0.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.4 sans le correctif de s\u00e9curit\u00e9 7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.3 sans le correctif de s\u00e9curit\u00e9 7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Rational Test Control Panel component in Rational Test Workbench toutes versions sans le correctif de s\u00e9curit\u00e9 Rational-RTCP-\u003cproduct-name\u003e-\u003cproduct-version\u003e-CVE-2022-22965-ifix",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Analytic Accelerator Framework for Communication Service Providers (AAF) versions 4.0.0.x ant\u00e9rieures \u00e0 4.0.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Rational Test Control Panel component in Rational Test Virtualization Server toutes versions sans le correctif de s\u00e9curit\u00e9 Rational-RTCP-\u003cproduct-name\u003e-\u003cproduct-version\u003e-CVE-2022-22965-ifix",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2014-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0075"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2012-5886",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5886"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2016-6797",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6797"
},
{
"name": "CVE-2016-8735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8735"
},
{
"name": "CVE-2020-8022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
},
{
"name": "CVE-2013-4286",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4286"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2012-5885",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5885"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2014-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0119"
},
{
"name": "CVE-2013-4590",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4590"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2019-17195",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17195"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2014-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0227"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2016-0706",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0706"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2016-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0714"
},
{
"name": "CVE-2012-4431",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4431"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2014-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0099"
},
{
"name": "CVE-2013-2185",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2185"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2016-6794",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6794"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2015-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2013-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2067"
},
{
"name": "CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2016-6816",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6816"
},
{
"name": "CVE-2018-17196",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17196"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2012-3546",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3546"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2016-5018",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5018"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2013-4322",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4322"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2012-4534",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4534"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2016-0762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0762"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2014-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2013-4444",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4444"
},
{
"name": "CVE-2012-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3544"
},
{
"name": "CVE-2012-5887",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5887"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2017-5647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2015-5345",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5345"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2016-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
},
{
"name": "CVE-2014-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0096"
},
{
"name": "CVE-2012-2733",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2733"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2016-6796",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6796"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2022-06-17T00:00:00",
"last_revision_date": "2022-06-17T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-568",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595755 du 16 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6595755"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595739 du 16 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6595739"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595965 du 16 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6595965"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595721 du 16 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6595721"
}
]
}
CERTFR-2015-AVI-441
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans Oracle Solaris. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Solaris version 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Solaris version 11.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-5600",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
},
{
"name": "CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2014-8111",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8111"
}
],
"initial_release_date": "2015-10-21T00:00:00",
"last_revision_date": "2015-10-21T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-441",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-10-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Solaris\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Solaris",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 20 octobre 2015",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
CERTFR-2015-AVI-317
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits BlueCoat. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Blue Coat HSM Agent pour SafeNet Luna SP",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Management Center",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "X-Series XOS",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "IntelligenceCenter",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Director",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
},
{
"description": "Content Analysis System",
"product": {
"name": "N/A",
"vendor": {
"name": "Bluecoat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0075"
},
{
"name": "CVE-2014-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0050"
},
{
"name": "CVE-2014-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0119"
},
{
"name": "CVE-2014-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0227"
},
{
"name": "CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"name": "CVE-2014-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0099"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2014-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0095"
},
{
"name": "CVE-2014-0033",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
},
{
"name": "CVE-2014-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0096"
}
],
"initial_release_date": "2015-07-24T00:00:00",
"last_revision_date": "2015-07-24T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-317",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eBlueCoat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un contournement de la politique de s\u00e9curit\u00e9, une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits BlueCoat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BlueCoat SA100 du 23 juillet 2015",
"url": "https://bto.bluecoat.com/security-advisory/sa100"
}
]
}
CERTFR-2019-AVI-165
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Tivoli Monitoring | IBM Tivoli Monitoring versions 6.2.3 à 6.2.3 FP5 | ||
| IBM | Spectrum | IBM Spectrum Protect pour station de travail versions 8.1.0.0 à 8.1.2.1 | ||
| IBM | WebSphere | IBM WebSphere Application Server Liberty version 9.0 et 8.5 | ||
| IBM | Spectrum | IBM Spectrum Protect pour station de travail versions 7.1.0.0 à 7.1.8.0 | ||
| IBM | Tivoli Monitoring | IBM Tivoli Monitoring versions 6.3.0 à 6.3.0 FP7 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Tivoli Monitoring versions 6.2.3 \u00e0 6.2.3 FP5",
"product": {
"name": "Tivoli Monitoring",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect pour station de travail versions 8.1.0.0 \u00e0 8.1.2.1",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server Liberty version 9.0 et 8.5",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect pour station de travail versions 7.1.0.0 \u00e0 7.1.8.0",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Tivoli Monitoring versions 6.3.0 \u00e0 6.3.0 FP7",
"product": {
"name": "Tivoli Monitoring",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1904",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1904"
},
{
"name": "CVE-2018-8039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8039"
},
{
"name": "CVE-2018-1902",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1902"
},
{
"name": "CVE-2018-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1996"
},
{
"name": "CVE-2019-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2426"
},
{
"name": "CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"name": "CVE-2018-1901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1901"
},
{
"name": "CVE-2018-12547",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12547"
}
],
"initial_release_date": "2019-04-11T00:00:00",
"last_revision_date": "2019-04-11T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-165",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10876338 du 09 avril 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10876338"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10874748 du 09 avril 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10874748"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM ibm10873104 du 09 avril 2019",
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10873104"
}
]
}
cnvd-2015-03233
Vulnerability from cnvd
Title
Apache Tomcat Security Manager绕过漏洞
Description
Apache Tomcat是一个流行的开源JSP应用服务器程序。
Apache Tomcat 8.0.0-RC1至8.0.15、7.0.0至7.0.57、6.0.0至6.0.43版本,在特权代码区评估表达式,在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过Security Manager保护机制。
Severity
中
VLAI Severity ?
Patch Name
Apache Tomcat Security Manager绕过漏洞的补丁
Patch Description
Apache Tomcat是一个流行的开源JSP应用服务器程序。Apache Tomcat 8.0.0-RC1至8.0.15、7.0.0至7.0.57、6.0.0至6.0.43版本,在特权代码区评估表达式,在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过Security Manager保护机制。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-7.html http://tomcat.apache.org/security-6.html
Reference
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7810
Impacted products
| Name | ['Apache Tomcat Security Manager 8.0.0-RC1至8.0.15', 'Apache Tomcat Security Manager 7.0.0至7.0.57', 'Apache Tomcat Security Manager 6.0.0至6.0.43'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2014-7810"
}
},
"description": "Apache Tomcat\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u5f00\u6e90JSP\u5e94\u7528\u670d\u52a1\u5668\u7a0b\u5e8f\u3002\r\n\r\nApache Tomcat 8.0.0-RC1\u81f38.0.15\u30017.0.0\u81f37.0.57\u30016.0.0\u81f36.0.43\u7248\u672c\uff0c\u5728\u7279\u6743\u4ee3\u7801\u533a\u8bc4\u4f30\u8868\u8fbe\u5f0f\uff0c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u7ed5\u8fc7Security Manager\u4fdd\u62a4\u673a\u5236\u3002",
"discovererName": "Apache",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://tomcat.apache.org/security-8.html\r\nhttp://tomcat.apache.org/security-7.html\r\nhttp://tomcat.apache.org/security-6.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-03233",
"openTime": "2015-05-20",
"patchDescription": "Apache Tomcat\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u5f00\u6e90JSP\u5e94\u7528\u670d\u52a1\u5668\u7a0b\u5e8f\u3002Apache Tomcat 8.0.0-RC1\u81f38.0.15\u30017.0.0\u81f37.0.57\u30016.0.0\u81f36.0.43\u7248\u672c\uff0c\u5728\u7279\u6743\u4ee3\u7801\u533a\u8bc4\u4f30\u8868\u8fbe\u5f0f\uff0c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u7ed5\u8fc7Security Manager\u4fdd\u62a4\u673a\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apache Tomcat Security Manager\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Apache Tomcat Security Manager 8.0.0-RC1\u81f38.0.15",
"Apache Tomcat Security Manager 7.0.0\u81f37.0.57",
"Apache Tomcat Security Manager 6.0.0\u81f36.0.43"
]
},
"referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7810",
"serverity": "\u4e2d",
"submitTime": "2015-05-18",
"title": "Apache Tomcat Security Manager\u7ed5\u8fc7\u6f0f\u6d1e"
}
rhsa-2016_0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2024-11-22 09:15
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0492",
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1301646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301646"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T09:15:48+00:00",
"generator": {
"date": "2024-11-22T09:15:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0492",
"initial_release_date": "2016-03-22T21:02:03+00:00",
"revision_history": [
{
"date": "2016-03-22T21:02:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-22T21:02:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T09:15:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product_id": "tomcat6-0:6.0.24-94.el6_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-22T21:02:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2015_1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1622",
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2024-11-25T12:05:12+00:00",
"generator": {
"date": "2024-11-25T12:05:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:1622",
"initial_release_date": "2015-08-13T15:29:23+00:00",
"revision_history": [
{
"date": "2015-08-13T15:29:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:29:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T12:05:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2015_1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1621",
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2024-11-25T12:05:07+00:00",
"generator": {
"date": "2024-11-25T12:05:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:1621",
"initial_release_date": "2015-08-13T15:30:33+00:00",
"revision_history": [
{
"date": "2015-08-13T15:30:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:30:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-25T12:05:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 2.1",
"product": {
"name": "Red Hat JBoss Web Server 2.1",
"product_id": "Red Hat JBoss Web Server 2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2016_2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2024-11-22 10:10
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:2046",
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2024-11-22T10:10:37+00:00",
"generator": {
"date": "2024-11-22T10:10:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:2046",
"initial_release_date": "2016-10-10T20:38:43+00:00",
"revision_history": [
{
"date": "2016-10-10T20:38:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-10-10T20:38:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:10:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product_id": "tomcat-0:7.0.54-8.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
},
{
"cve": "CVE-2015-5346",
"discovery_date": "2014-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1311085"
}
],
"notes": [
{
"category": "description",
"text": "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Session fixation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5346"
},
{
"category": "external",
"summary": "RHBZ#1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5346",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346"
},
{
"category": "external",
"summary": "http://seclists.org/bugtraq/2016/Feb/143",
"url": "http://seclists.org/bugtraq/2016/Feb/143"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Session fixation"
},
{
"acknowledgments": [
{
"names": [
"Scott Geary"
],
"organization": "VendHQ"
}
],
"cve": "CVE-2016-5388",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2016-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1353809"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5388"
},
{
"category": "external",
"summary": "RHBZ#1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388"
}
],
"release_date": "2016-07-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header"
},
{
"acknowledgments": [
{
"names": [
"Dawid Golunski"
],
"organization": "http://legalhackers.com"
}
],
"cve": "CVE-2016-5425",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1362545"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Local privilege escalation via systemd-tmpfiles service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5425"
},
{
"category": "external",
"summary": "RHBZ#1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425"
},
{
"category": "external",
"summary": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt",
"url": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Local privilege escalation via systemd-tmpfiles service"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-6325",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367447"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: tomcat writable config files allow privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6325"
},
{
"category": "external",
"summary": "RHBZ#1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6325",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: tomcat writable config files allow privilege escalation"
}
]
}
rhsa-2015:1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2025-10-09 15:14
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1621",
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:14:56+00:00",
"generator": {
"date": "2025-10-09T15:14:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2015:1621",
"initial_release_date": "2015-08-13T15:30:33+00:00",
"revision_history": [
{
"date": "2015-08-13T15:30:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:30:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:14:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 2.1",
"product": {
"name": "Red Hat JBoss Web Server 2.1",
"product_id": "Red Hat JBoss Web Server 2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2016:0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2025-10-09 15:26
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0492",
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1301646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301646"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T15:26:10+00:00",
"generator": {
"date": "2025-10-09T15:26:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2016:0492",
"initial_release_date": "2016-03-22T21:02:03+00:00",
"revision_history": [
{
"date": "2016-03-22T21:02:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-22T21:02:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:26:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product_id": "tomcat6-0:6.0.24-94.el6_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-22T21:02:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
RHSA-2016:2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2025-10-09 15:26
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:2046",
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:26:06+00:00",
"generator": {
"date": "2025-10-09T15:26:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2016:2046",
"initial_release_date": "2016-10-10T20:38:43+00:00",
"revision_history": [
{
"date": "2016-10-10T20:38:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-10-10T20:38:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:26:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product_id": "tomcat-0:7.0.54-8.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
},
{
"cve": "CVE-2015-5346",
"discovery_date": "2014-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1311085"
}
],
"notes": [
{
"category": "description",
"text": "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Session fixation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5346"
},
{
"category": "external",
"summary": "RHBZ#1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5346",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346"
},
{
"category": "external",
"summary": "http://seclists.org/bugtraq/2016/Feb/143",
"url": "http://seclists.org/bugtraq/2016/Feb/143"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Session fixation"
},
{
"acknowledgments": [
{
"names": [
"Scott Geary"
],
"organization": "VendHQ"
}
],
"cve": "CVE-2016-5388",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2016-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1353809"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5388"
},
{
"category": "external",
"summary": "RHBZ#1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388"
}
],
"release_date": "2016-07-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header"
},
{
"acknowledgments": [
{
"names": [
"Dawid Golunski"
],
"organization": "http://legalhackers.com"
}
],
"cve": "CVE-2016-5425",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1362545"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Local privilege escalation via systemd-tmpfiles service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5425"
},
{
"category": "external",
"summary": "RHBZ#1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425"
},
{
"category": "external",
"summary": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt",
"url": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Local privilege escalation via systemd-tmpfiles service"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-6325",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367447"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: tomcat writable config files allow privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6325"
},
{
"category": "external",
"summary": "RHBZ#1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6325",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: tomcat writable config files allow privilege escalation"
}
]
}
RHSA-2015:1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2025-10-09 15:14
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1622",
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:14:57+00:00",
"generator": {
"date": "2025-10-09T15:14:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2015:1622",
"initial_release_date": "2015-08-13T15:29:23+00:00",
"revision_history": [
{
"date": "2015-08-13T15:29:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:29:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:14:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2016:2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2025-10-09 15:26
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:2046",
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json"
}
],
"title": "Red Hat Security Advisory: tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:26:06+00:00",
"generator": {
"date": "2025-10-09T15:26:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2016:2046",
"initial_release_date": "2016-10-10T20:38:43+00:00",
"revision_history": [
{
"date": "2016-10-10T20:38:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-10-10T20:38:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:26:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_id": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product": {
"name": "tomcat-0:7.0.54-8.el7_2.src",
"product_id": "tomcat-0:7.0.54-8.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Client-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Server-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src"
},
"product_reference": "tomcat-0:7.0.54-8.el7_2.src",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
},
"product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
},
{
"cve": "CVE-2015-5346",
"discovery_date": "2014-06-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1311085"
}
],
"notes": [
{
"category": "description",
"text": "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Session fixation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-5346"
},
{
"category": "external",
"summary": "RHBZ#1311085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-5346",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5346"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346"
},
{
"category": "external",
"summary": "http://seclists.org/bugtraq/2016/Feb/143",
"url": "http://seclists.org/bugtraq/2016/Feb/143"
}
],
"release_date": "2016-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Session fixation"
},
{
"acknowledgments": [
{
"names": [
"Scott Geary"
],
"organization": "VendHQ"
}
],
"cve": "CVE-2016-5388",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2016-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1353809"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5388"
},
{
"category": "external",
"summary": "RHBZ#1353809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388"
}
],
"release_date": "2016-07-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header"
},
{
"acknowledgments": [
{
"names": [
"Dawid Golunski"
],
"organization": "http://legalhackers.com"
}
],
"cve": "CVE-2016-5425",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1362545"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Local privilege escalation via systemd-tmpfiles service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5425"
},
{
"category": "external",
"summary": "RHBZ#1362545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425"
},
{
"category": "external",
"summary": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt",
"url": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Local privilege escalation via systemd-tmpfiles service"
},
{
"acknowledgments": [
{
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-6325",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2016-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1367447"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: tomcat writable config files allow privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6325"
},
{
"category": "external",
"summary": "RHBZ#1367447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6325",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325"
}
],
"release_date": "2016-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-10-10T20:38:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2046"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src",
"7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch",
"7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: tomcat writable config files allow privilege escalation"
}
]
}
RHSA-2015:1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2025-10-09 15:14
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1621",
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:14:56+00:00",
"generator": {
"date": "2025-10-09T15:14:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2015:1621",
"initial_release_date": "2015-08-13T15:30:33+00:00",
"revision_history": [
{
"date": "2015-08-13T15:30:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:30:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:14:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 2.1",
"product": {
"name": "Red Hat JBoss Web Server 2.1",
"product_id": "Red Hat JBoss Web Server 2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:30:33+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).",
"product_ids": [
"Red Hat JBoss Web Server 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1621"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Server 2.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
rhsa-2015:1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2025-10-09 15:14
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1622",
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update",
"tracking": {
"current_release_date": "2025-10-09T15:14:57+00:00",
"generator": {
"date": "2025-10-09T15:14:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2015:1622",
"initial_release_date": "2015-08-13T15:29:23+00:00",
"revision_history": [
{
"date": "2015-08-13T15:29:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-13T15:29:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:14:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server",
"product_id": "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src"
},
"product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
"product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src"
},
"product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src"
},
"product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
"product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
},
"product_reference": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEWS-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0230",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2015-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1191200"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "RHBZ#1191200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
}
],
"release_date": "2014-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
},
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-13T15:29:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1622"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src",
"5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch",
"5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src",
"6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch",
"6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src",
"7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch",
"7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
RHSA-2016:0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2025-10-09 15:26
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0492",
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "1301646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301646"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json"
}
],
"title": "Red Hat Security Advisory: tomcat6 security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T15:26:10+00:00",
"generator": {
"date": "2025-10-09T15:26:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2016:0492",
"initial_release_date": "2016-03-22T21:02:03+00:00",
"revision_history": [
{
"date": "2016-03-22T21:02:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-22T21:02:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T15:26:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.src",
"product_id": "tomcat6-0:6.0.24-94.el6_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_id": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Client-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Server-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.src",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
},
"product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.7.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"discovery_date": "2015-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1222573"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Tomcat/JbossWeb: security manager bypass via EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "RHBZ#1222573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
"url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59",
"url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59"
},
{
"category": "external",
"summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17",
"url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-22T21:02:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0492"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src",
"6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x",
"6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Tomcat/JbossWeb: security manager bypass via EL expressions"
}
]
}
suse-su-2015:1565-1
Vulnerability from csaf_suse
Published
2015-09-11 01:45
Modified
2015-09-11 01:45
Summary
Security update for tomcat6
Notes
Title of the patch
Security update for tomcat6
Description of the patch
This update for Tomcat fixes the following security issues:
- CVE-2014-7810: Security manager bypass via EL expressions. (bsc#931442)
It was found that the expression language resolver evaluated expressions within a
privileged code section. A malicious web application could have used this flaw to
bypass security manager protections.
- CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. (bsc#917127)
It was discovered that the ChunkedInputFilter implementation did not fail subsequent
attempts to read input early enough. A remote attacker could have used this flaw to
perform a denial of service attack, by streaming an unlimited quantity of data,
leading to consumption of server resources.
- CVE-2014-0230: Non-persistent DoS attack by feeding data by aborting an upload
It was possible for a remote attacker to trigger a non-persistent DoS attack by
feeding data by aborting an upload. (bsc#926762)
Additionally, the following non-security issues have been fixed:
- Fix rights of all files within /usr/share/tomcat6/bin. (bsc#906152)
- Don't overwrite /var/run/tomcat6.pid when Tomcat is already running. (bsc#934219)
- Miscellaneous fixes and improvements to Tomcat's init script. (bsc#932698)
Patchnames
slessp4-tomcat6-12092
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat6",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for Tomcat fixes the following security issues:\n\n- CVE-2014-7810: Security manager bypass via EL expressions. (bsc#931442)\nIt was found that the expression language resolver evaluated expressions within a\nprivileged code section. A malicious web application could have used this flaw to\nbypass security manager protections.\n\n- CVE-2014-0227: Limited DoS in chunked transfer encoding input filter. (bsc#917127)\nIt was discovered that the ChunkedInputFilter implementation did not fail subsequent\nattempts to read input early enough. A remote attacker could have used this flaw to\nperform a denial of service attack, by streaming an unlimited quantity of data,\nleading to consumption of server resources.\n\n- CVE-2014-0230: Non-persistent DoS attack by feeding data by aborting an upload\nIt was possible for a remote attacker to trigger a non-persistent DoS attack by\nfeeding data by aborting an upload. (bsc#926762)\n\nAdditionally, the following non-security issues have been fixed:\n\n- Fix rights of all files within /usr/share/tomcat6/bin. (bsc#906152)\n- Don\u0027t overwrite /var/run/tomcat6.pid when Tomcat is already running. (bsc#934219)\n- Miscellaneous fixes and improvements to Tomcat\u0027s init script. (bsc#932698)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-tomcat6-12092",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1565-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1565-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151565-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1565-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-September/001594.html"
},
{
"category": "self",
"summary": "SUSE Bug 906152",
"url": "https://bugzilla.suse.com/906152"
},
{
"category": "self",
"summary": "SUSE Bug 917127",
"url": "https://bugzilla.suse.com/917127"
},
{
"category": "self",
"summary": "SUSE Bug 926762",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "self",
"summary": "SUSE Bug 931442",
"url": "https://bugzilla.suse.com/931442"
},
{
"category": "self",
"summary": "SUSE Bug 932698",
"url": "https://bugzilla.suse.com/932698"
},
{
"category": "self",
"summary": "SUSE Bug 934219",
"url": "https://bugzilla.suse.com/934219"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0227 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0230 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7810 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7810/"
}
],
"title": "Security update for tomcat6",
"tracking": {
"current_release_date": "2015-09-11T01:45:16Z",
"generator": {
"date": "2015-09-11T01:45:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1565-1",
"initial_release_date": "2015-09-11T01:45:16Z",
"revision_history": [
{
"date": "2015-09-11T01:45:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-javadoc-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-javadoc-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-lib-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-lib-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-lib-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-6.0.41-0.47.1.noarch",
"product": {
"name": "tomcat6-webapps-6.0.41-0.47.1.noarch",
"product_id": "tomcat6-webapps-6.0.41-0.47.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-javadoc-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-lib-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-webapps-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-javadoc-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-lib-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-6.0.41-0.47.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
},
"product_reference": "tomcat6-webapps-6.0.41-0.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-0227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0227"
}
],
"notes": [
{
"category": "general",
"text": "java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0227",
"url": "https://www.suse.com/security/cve/CVE-2014-0227"
},
{
"category": "external",
"summary": "SUSE Bug 917127 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/917127"
},
{
"category": "external",
"summary": "SUSE Bug 926762 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "external",
"summary": "SUSE Bug 988489 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/988489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-09-11T01:45:16Z",
"details": "moderate"
}
],
"title": "CVE-2014-0227"
},
{
"cve": "CVE-2014-0230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0230"
}
],
"notes": [
{
"category": "general",
"text": "Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0230",
"url": "https://www.suse.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "SUSE Bug 926762 for CVE-2014-0230",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "external",
"summary": "SUSE Bug 988489 for CVE-2014-0230",
"url": "https://bugzilla.suse.com/988489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-09-11T01:45:16Z",
"details": "important"
}
],
"title": "CVE-2014-0230"
},
{
"cve": "CVE-2014-7810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7810"
}
],
"notes": [
{
"category": "general",
"text": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7810",
"url": "https://www.suse.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "SUSE Bug 931442 for CVE-2014-7810",
"url": "https://bugzilla.suse.com/931442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-admin-webapps-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-docs-webapp-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-javadoc-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-jsp-2_1-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-lib-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-servlet-2_5-api-6.0.41-0.47.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tomcat6-webapps-6.0.41-0.47.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-09-11T01:45:16Z",
"details": "moderate"
}
],
"title": "CVE-2014-7810"
}
]
}
suse-su-2015:1281-1
Vulnerability from csaf_suse
Published
2015-06-18 06:59
Modified
2015-06-18 06:59
Summary
Security update for tomcat
Notes
Title of the patch
Security update for tomcat
Description of the patch
This update fixes the following security issue:
- CVE-2014-7810: Security manager bypass via EL expression (bnc#931442)
Patchnames
SUSE-SLE-SERVER-12-2015-336
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n This update fixes the following security issue:\n - CVE-2014-7810: Security manager bypass via EL expression (bnc#931442)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-2015-336",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1281-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1281-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151281-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1281-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-July/001506.html"
},
{
"category": "self",
"summary": "SUSE Bug 931442",
"url": "https://bugzilla.suse.com/931442"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7810 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7810/"
}
],
"title": "Security update for tomcat",
"tracking": {
"current_release_date": "2015-06-18T06:59:00Z",
"generator": {
"date": "2015-06-18T06:59:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1281-1",
"initial_release_date": "2015-06-18T06:59:00Z",
"revision_history": [
{
"date": "2015-06-18T06:59:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-7.0.55-8.2.noarch",
"product_id": "tomcat-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-admin-webapps-7.0.55-8.2.noarch",
"product_id": "tomcat-admin-webapps-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-docs-webapp-7.0.55-8.2.noarch",
"product_id": "tomcat-docs-webapp-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-el-2_2-api-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-el-2_2-api-7.0.55-8.2.noarch",
"product_id": "tomcat-el-2_2-api-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-javadoc-7.0.55-8.2.noarch",
"product_id": "tomcat-javadoc-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"product_id": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-lib-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-lib-7.0.55-8.2.noarch",
"product_id": "tomcat-lib-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"product_id": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-7.0.55-8.2.noarch",
"product": {
"name": "tomcat-webapps-7.0.55-8.2.noarch",
"product_id": "tomcat-webapps-7.0.55-8.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-admin-webapps-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-docs-webapp-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-el-2_2-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-javadoc-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-lib-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-webapps-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-admin-webapps-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-docs-webapp-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-el-2_2-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-javadoc-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-lib-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-7.0.55-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch"
},
"product_reference": "tomcat-webapps-7.0.55-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-7810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7810"
}
],
"notes": [
{
"category": "general",
"text": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7810",
"url": "https://www.suse.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "SUSE Bug 931442 for CVE-2014-7810",
"url": "https://bugzilla.suse.com/931442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12:tomcat-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-admin-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-docs-webapp-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-el-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-javadoc-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-lib-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server 12:tomcat-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-admin-webapps-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-docs-webapp-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-el-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-javadoc-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-jsp-2_2-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-lib-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-servlet-3_0-api-7.0.55-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:tomcat-webapps-7.0.55-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-06-18T06:59:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-7810"
}
]
}
suse-su-2015:1337-1
Vulnerability from csaf_suse
Published
2013-08-02 13:29
Modified
2013-08-02 13:29
Summary
Security update for tomcat6
Notes
Title of the patch
Security update for tomcat6
Description of the patch
This update of tomcat6 fixes:
* apache-tomcat-CVE-2012-3544.patch (bnc#831119)
* use chown --no-dereference to prevent symlink attacks on log
(bnc#822177#c7/prevents CVE-2013-1976)
* Fix tomcat init scripts generating malformed classpath (
http://youtrack.jetbrains.com/issue/JT-18545
<http://youtrack.jetbrains.com/issue/JT-18545> ) bnc#804992 (patch
from m407)
* fix a typo in initscript (bnc#768772 )
* copy all shell scripts (bnc#818948)
Security Issue references:
* CVE-2012-3544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544>
* CVE-2013-1976
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976>
* CVE-2012-0022
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022>
Patchnames
slessp3-tomcat6
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat6",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update of tomcat6 fixes:\n\n * apache-tomcat-CVE-2012-3544.patch (bnc#831119)\n * use chown --no-dereference to prevent symlink attacks on log\n (bnc#822177#c7/prevents CVE-2013-1976)\n * Fix tomcat init scripts generating malformed classpath (\n http://youtrack.jetbrains.com/issue/JT-18545\n \u003chttp://youtrack.jetbrains.com/issue/JT-18545\u003e ) bnc#804992 (patch\n from m407)\n * fix a typo in initscript (bnc#768772 )\n * copy all shell scripts (bnc#818948)\n\nSecurity Issue references:\n\n * CVE-2012-3544\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544\u003e\n * CVE-2013-1976\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1976\u003e\n * CVE-2012-0022\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022\u003e\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp3-tomcat6",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1337-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1337-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151337-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1337-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-August/001523.html"
},
{
"category": "self",
"summary": "SUSE Bug 768772",
"url": "https://bugzilla.suse.com/768772"
},
{
"category": "self",
"summary": "SUSE Bug 804992",
"url": "https://bugzilla.suse.com/804992"
},
{
"category": "self",
"summary": "SUSE Bug 818948",
"url": "https://bugzilla.suse.com/818948"
},
{
"category": "self",
"summary": "SUSE Bug 822177",
"url": "https://bugzilla.suse.com/822177"
},
{
"category": "self",
"summary": "SUSE Bug 831119",
"url": "https://bugzilla.suse.com/831119"
},
{
"category": "self",
"summary": "SUSE Bug 906152",
"url": "https://bugzilla.suse.com/906152"
},
{
"category": "self",
"summary": "SUSE Bug 917127",
"url": "https://bugzilla.suse.com/917127"
},
{
"category": "self",
"summary": "SUSE Bug 918195",
"url": "https://bugzilla.suse.com/918195"
},
{
"category": "self",
"summary": "SUSE Bug 926762",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "self",
"summary": "SUSE Bug 931442",
"url": "https://bugzilla.suse.com/931442"
},
{
"category": "self",
"summary": "SUSE Bug 932698",
"url": "https://bugzilla.suse.com/932698"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0022 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3544 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1976 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0227 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0230 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-7810 page",
"url": "https://www.suse.com/security/cve/CVE-2014-7810/"
}
],
"title": "Security update for tomcat6",
"tracking": {
"current_release_date": "2013-08-02T13:29:14Z",
"generator": {
"date": "2013-08-02T13:29:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1337-1",
"initial_release_date": "2013-08-02T13:29:14Z",
"revision_history": [
{
"date": "2013-08-02T13:29:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat6-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-lib-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-lib-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-lib-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"product": {
"name": "tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"product_id": "tomcat6-webapps-6.0.18-20.35.42.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-lib-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3",
"product_id": "SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-lib-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-lib-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-lib-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat6-webapps-6.0.18-20.35.42.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
},
"product_reference": "tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-0022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0022"
}
],
"notes": [
{
"category": "general",
"text": "Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0022",
"url": "https://www.suse.com/security/cve/CVE-2012-0022"
},
{
"category": "external",
"summary": "SUSE Bug 742477 for CVE-2012-0022",
"url": "https://bugzilla.suse.com/742477"
},
{
"category": "external",
"summary": "SUSE Bug 745056 for CVE-2012-0022",
"url": "https://bugzilla.suse.com/745056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "moderate"
}
],
"title": "CVE-2012-0022"
},
{
"cve": "CVE-2012-3544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3544"
}
],
"notes": [
{
"category": "general",
"text": "Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3544",
"url": "https://www.suse.com/security/cve/CVE-2012-3544"
},
{
"category": "external",
"summary": "SUSE Bug 822177 for CVE-2012-3544",
"url": "https://bugzilla.suse.com/822177"
},
{
"category": "external",
"summary": "SUSE Bug 831119 for CVE-2012-3544",
"url": "https://bugzilla.suse.com/831119"
},
{
"category": "external",
"summary": "SUSE Bug 865746 for CVE-2012-3544",
"url": "https://bugzilla.suse.com/865746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "low"
}
],
"title": "CVE-2012-3544"
},
{
"cve": "CVE-2013-1976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1976"
}
],
"notes": [
{
"category": "general",
"text": "The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) tomcat5-initd.log, (b) tomcat6-initd.log, (c) catalina.out, or (d) tomcat7-initd.log.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1976",
"url": "https://www.suse.com/security/cve/CVE-2013-1976"
},
{
"category": "external",
"summary": "SUSE Bug 822177 for CVE-2013-1976",
"url": "https://bugzilla.suse.com/822177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "moderate"
}
],
"title": "CVE-2013-1976"
},
{
"cve": "CVE-2014-0227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0227"
}
],
"notes": [
{
"category": "general",
"text": "java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0227",
"url": "https://www.suse.com/security/cve/CVE-2014-0227"
},
{
"category": "external",
"summary": "SUSE Bug 917127 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/917127"
},
{
"category": "external",
"summary": "SUSE Bug 926762 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "external",
"summary": "SUSE Bug 988489 for CVE-2014-0227",
"url": "https://bugzilla.suse.com/988489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "moderate"
}
],
"title": "CVE-2014-0227"
},
{
"cve": "CVE-2014-0230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0230"
}
],
"notes": [
{
"category": "general",
"text": "Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0230",
"url": "https://www.suse.com/security/cve/CVE-2014-0230"
},
{
"category": "external",
"summary": "SUSE Bug 926762 for CVE-2014-0230",
"url": "https://bugzilla.suse.com/926762"
},
{
"category": "external",
"summary": "SUSE Bug 988489 for CVE-2014-0230",
"url": "https://bugzilla.suse.com/988489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "important"
}
],
"title": "CVE-2014-0230"
},
{
"cve": "CVE-2014-7810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-7810"
}
],
"notes": [
{
"category": "general",
"text": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-7810",
"url": "https://www.suse.com/security/cve/CVE-2014-7810"
},
{
"category": "external",
"summary": "SUSE Bug 931442 for CVE-2014-7810",
"url": "https://bugzilla.suse.com/931442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-admin-webapps-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-docs-webapp-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-javadoc-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-jsp-2_1-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-lib-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-servlet-2_5-api-6.0.18-20.35.42.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 11 SP3:tomcat6-webapps-6.0.18-20.35.42.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-08-02T13:29:14Z",
"details": "moderate"
}
],
"title": "CVE-2014-7810"
}
]
}
wid-sec-w-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Tivoli Network Manager ist eine Netzanalysesoftware f\u00fcr das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1594 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1594 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/885316"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/884276"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883428"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883424"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882926"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882898"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882888"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880403"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880401"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880395"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879855"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879841"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870546"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870526"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870508"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870504"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870500"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870498"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/743933"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739297"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739271"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739249"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739247"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739245"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739243"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/738231"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/731931"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730883"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730871"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730845"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730835"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730171"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720307"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720283"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720265"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/718745"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717345"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717335"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717327"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717007"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/716573"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712213"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712199"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/570557"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569765"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569727"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569717"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/305321"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304091"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304089"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303663"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303657"
}
],
"source_lang": "en-US",
"title": "IBM Tivoli Network Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:53:31.776+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1594",
"initial_release_date": "2023-06-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product_id": "T028343",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product_id": "T028344",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product_id": "T028345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product_id": "T028346",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product_id": "T028347",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product_id": "T028348",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product_id": "T028349",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-4046",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4046"
},
{
"cve": "CVE-2019-4030",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4030"
},
{
"cve": "CVE-2019-2684",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2684"
},
{
"cve": "CVE-2019-2602",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2602"
},
{
"cve": "CVE-2019-2537",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2537"
},
{
"cve": "CVE-2019-2534",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2534"
},
{
"cve": "CVE-2019-2531",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2531"
},
{
"cve": "CVE-2019-2529",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2529"
},
{
"cve": "CVE-2019-2503",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2503"
},
{
"cve": "CVE-2019-2482",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2482"
},
{
"cve": "CVE-2019-2481",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2481"
},
{
"cve": "CVE-2019-2455",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2455"
},
{
"cve": "CVE-2019-1559",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-1559"
},
{
"cve": "CVE-2019-0220",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-0220"
},
{
"cve": "CVE-2018-8039",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-8039"
},
{
"cve": "CVE-2018-5407",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-5407"
},
{
"cve": "CVE-2018-3282",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2018-3278",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3278"
},
{
"cve": "CVE-2018-3276",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3276"
},
{
"cve": "CVE-2018-3251",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3247",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3247"
},
{
"cve": "CVE-2018-3174",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3156",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3143",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3123",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3123"
},
{
"cve": "CVE-2018-3084",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3084"
},
{
"cve": "CVE-2018-3082",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3082"
},
{
"cve": "CVE-2018-3081",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3081"
},
{
"cve": "CVE-2018-3080",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3080"
},
{
"cve": "CVE-2018-3079",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3079"
},
{
"cve": "CVE-2018-3078",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3078"
},
{
"cve": "CVE-2018-3077",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3077"
},
{
"cve": "CVE-2018-3075",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3075"
},
{
"cve": "CVE-2018-3074",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3074"
},
{
"cve": "CVE-2018-3073",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3073"
},
{
"cve": "CVE-2018-3071",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3071"
},
{
"cve": "CVE-2018-3070",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3070"
},
{
"cve": "CVE-2018-3067",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3067"
},
{
"cve": "CVE-2018-3066",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3065",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3065"
},
{
"cve": "CVE-2018-3064",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3063",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3062",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3062"
},
{
"cve": "CVE-2018-3061",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3061"
},
{
"cve": "CVE-2018-3060",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3060"
},
{
"cve": "CVE-2018-3058",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3056",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3056"
},
{
"cve": "CVE-2018-3054",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3054"
},
{
"cve": "CVE-2018-2877",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2877"
},
{
"cve": "CVE-2018-2846",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2846"
},
{
"cve": "CVE-2018-2839",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2839"
},
{
"cve": "CVE-2018-2819",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2819"
},
{
"cve": "CVE-2018-2818",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2818"
},
{
"cve": "CVE-2018-2817",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2817"
},
{
"cve": "CVE-2018-2816",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2816"
},
{
"cve": "CVE-2018-2813",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2813"
},
{
"cve": "CVE-2018-2812",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2812"
},
{
"cve": "CVE-2018-2810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2810"
},
{
"cve": "CVE-2018-2805",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2805"
},
{
"cve": "CVE-2018-2787",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2787"
},
{
"cve": "CVE-2018-2786",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2786"
},
{
"cve": "CVE-2018-2784",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2784"
},
{
"cve": "CVE-2018-2782",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2782"
},
{
"cve": "CVE-2018-2781",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2781"
},
{
"cve": "CVE-2018-2780",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2780"
},
{
"cve": "CVE-2018-2779",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2779"
},
{
"cve": "CVE-2018-2778",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2778"
},
{
"cve": "CVE-2018-2777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2777"
},
{
"cve": "CVE-2018-2776",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2776"
},
{
"cve": "CVE-2018-2775",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2775"
},
{
"cve": "CVE-2018-2773",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2773"
},
{
"cve": "CVE-2018-2771",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2771"
},
{
"cve": "CVE-2018-2769",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2769"
},
{
"cve": "CVE-2018-2766",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2766"
},
{
"cve": "CVE-2018-2762",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2762"
},
{
"cve": "CVE-2018-2761",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2761"
},
{
"cve": "CVE-2018-2759",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2759"
},
{
"cve": "CVE-2018-2758",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2758"
},
{
"cve": "CVE-2018-2755",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2755"
},
{
"cve": "CVE-2018-2598",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2598"
},
{
"cve": "CVE-2018-1996",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1996"
},
{
"cve": "CVE-2018-1926",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1926"
},
{
"cve": "CVE-2018-1904",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1904"
},
{
"cve": "CVE-2018-1902",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1902"
},
{
"cve": "CVE-2018-1901",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1901"
},
{
"cve": "CVE-2018-1798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1798"
},
{
"cve": "CVE-2018-1797",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1797"
},
{
"cve": "CVE-2018-1794",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1794"
},
{
"cve": "CVE-2018-1793",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1793"
},
{
"cve": "CVE-2018-1777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1777"
},
{
"cve": "CVE-2018-1770",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1770"
},
{
"cve": "CVE-2018-1767",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1767"
},
{
"cve": "CVE-2018-1719",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1719"
},
{
"cve": "CVE-2018-1695",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1695"
},
{
"cve": "CVE-2018-1656",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1656"
},
{
"cve": "CVE-2018-1643",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1643"
},
{
"cve": "CVE-2018-1621",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1621"
},
{
"cve": "CVE-2018-1614",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1614"
},
{
"cve": "CVE-2018-1567",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1567"
},
{
"cve": "CVE-2018-1447",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1447"
},
{
"cve": "CVE-2018-1428",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1428"
},
{
"cve": "CVE-2018-1427",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1427"
},
{
"cve": "CVE-2018-1426",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1426"
},
{
"cve": "CVE-2018-1301",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1301"
},
{
"cve": "CVE-2018-12539",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-12539"
},
{
"cve": "CVE-2018-10237",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-10237"
},
{
"cve": "CVE-2018-0734",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-0732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2017-9798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-9798"
},
{
"cve": "CVE-2017-3738",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-3737",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3737"
},
{
"cve": "CVE-2017-3736",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-3735",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2017-1743",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1743"
},
{
"cve": "CVE-2017-1741",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1741"
},
{
"cve": "CVE-2017-1731",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1731"
},
{
"cve": "CVE-2017-1681",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1681"
},
{
"cve": "CVE-2017-15715",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15715"
},
{
"cve": "CVE-2017-15710",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15710"
},
{
"cve": "CVE-2017-12624",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12624"
},
{
"cve": "CVE-2017-12618",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12618"
},
{
"cve": "CVE-2017-12613",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12613"
},
{
"cve": "CVE-2016-0705",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0705"
},
{
"cve": "CVE-2016-0702",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0702"
},
{
"cve": "CVE-2016-0701",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0701"
},
{
"cve": "CVE-2015-0899",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2015-0899"
},
{
"cve": "CVE-2014-7810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2014-7810"
},
{
"cve": "CVE-2012-5783",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2012-5783"
}
]
}
WID-SEC-W-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Tivoli Network Manager ist eine Netzanalysesoftware f\u00fcr das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1594 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1594 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/885316"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/884276"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883428"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/883424"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882926"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882898"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/882888"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880403"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880401"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/880395"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879855"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/879841"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870546"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870526"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870508"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870504"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870500"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/870498"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/743933"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739297"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739271"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739249"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739247"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739245"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/739243"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/738231"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/731931"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730883"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730871"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730845"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730835"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/730171"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720307"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720283"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/720265"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/718745"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717345"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717335"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717327"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/717007"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/716573"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712213"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/712199"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/570557"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569765"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569727"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/569717"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/305321"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304091"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/304089"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303663"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2023-06-28",
"url": "https://www.ibm.com/support/pages/node/303657"
}
],
"source_lang": "en-US",
"title": "IBM Tivoli Network Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:53:31.776+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1594",
"initial_release_date": "2023-06-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5",
"product_id": "T028343",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9",
"product_id": "T028344",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1",
"product_id": "T028345",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 4.2",
"product_id": "T028346",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4",
"product_id": "T028347",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5",
"product_id": "T028348",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5"
}
}
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product": {
"name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4",
"product_id": "T028349",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4"
}
}
}
],
"category": "product_name",
"name": "Tivoli Network Manager"
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-4046",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4046"
},
{
"cve": "CVE-2019-4030",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-4030"
},
{
"cve": "CVE-2019-2684",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2684"
},
{
"cve": "CVE-2019-2602",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2602"
},
{
"cve": "CVE-2019-2537",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2537"
},
{
"cve": "CVE-2019-2534",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2534"
},
{
"cve": "CVE-2019-2531",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2531"
},
{
"cve": "CVE-2019-2529",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2529"
},
{
"cve": "CVE-2019-2503",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2503"
},
{
"cve": "CVE-2019-2482",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2482"
},
{
"cve": "CVE-2019-2481",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2481"
},
{
"cve": "CVE-2019-2455",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-2455"
},
{
"cve": "CVE-2019-1559",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-1559"
},
{
"cve": "CVE-2019-0220",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2019-0220"
},
{
"cve": "CVE-2018-8039",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-8039"
},
{
"cve": "CVE-2018-5407",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-5407"
},
{
"cve": "CVE-2018-3282",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3282"
},
{
"cve": "CVE-2018-3278",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3278"
},
{
"cve": "CVE-2018-3276",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3276"
},
{
"cve": "CVE-2018-3251",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3251"
},
{
"cve": "CVE-2018-3247",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3247"
},
{
"cve": "CVE-2018-3174",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3174"
},
{
"cve": "CVE-2018-3156",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3156"
},
{
"cve": "CVE-2018-3143",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3143"
},
{
"cve": "CVE-2018-3123",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3123"
},
{
"cve": "CVE-2018-3084",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3084"
},
{
"cve": "CVE-2018-3082",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3082"
},
{
"cve": "CVE-2018-3081",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3081"
},
{
"cve": "CVE-2018-3080",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3080"
},
{
"cve": "CVE-2018-3079",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3079"
},
{
"cve": "CVE-2018-3078",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3078"
},
{
"cve": "CVE-2018-3077",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3077"
},
{
"cve": "CVE-2018-3075",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3075"
},
{
"cve": "CVE-2018-3074",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3074"
},
{
"cve": "CVE-2018-3073",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3073"
},
{
"cve": "CVE-2018-3071",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3071"
},
{
"cve": "CVE-2018-3070",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3070"
},
{
"cve": "CVE-2018-3067",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3067"
},
{
"cve": "CVE-2018-3066",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3066"
},
{
"cve": "CVE-2018-3065",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3065"
},
{
"cve": "CVE-2018-3064",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3064"
},
{
"cve": "CVE-2018-3063",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3063"
},
{
"cve": "CVE-2018-3062",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3062"
},
{
"cve": "CVE-2018-3061",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3061"
},
{
"cve": "CVE-2018-3060",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3060"
},
{
"cve": "CVE-2018-3058",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3058"
},
{
"cve": "CVE-2018-3056",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3056"
},
{
"cve": "CVE-2018-3054",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-3054"
},
{
"cve": "CVE-2018-2877",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2877"
},
{
"cve": "CVE-2018-2846",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2846"
},
{
"cve": "CVE-2018-2839",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2839"
},
{
"cve": "CVE-2018-2819",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2819"
},
{
"cve": "CVE-2018-2818",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2818"
},
{
"cve": "CVE-2018-2817",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2817"
},
{
"cve": "CVE-2018-2816",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2816"
},
{
"cve": "CVE-2018-2813",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2813"
},
{
"cve": "CVE-2018-2812",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2812"
},
{
"cve": "CVE-2018-2810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2810"
},
{
"cve": "CVE-2018-2805",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2805"
},
{
"cve": "CVE-2018-2787",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2787"
},
{
"cve": "CVE-2018-2786",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2786"
},
{
"cve": "CVE-2018-2784",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2784"
},
{
"cve": "CVE-2018-2782",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2782"
},
{
"cve": "CVE-2018-2781",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2781"
},
{
"cve": "CVE-2018-2780",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2780"
},
{
"cve": "CVE-2018-2779",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2779"
},
{
"cve": "CVE-2018-2778",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2778"
},
{
"cve": "CVE-2018-2777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2777"
},
{
"cve": "CVE-2018-2776",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2776"
},
{
"cve": "CVE-2018-2775",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2775"
},
{
"cve": "CVE-2018-2773",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2773"
},
{
"cve": "CVE-2018-2771",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2771"
},
{
"cve": "CVE-2018-2769",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2769"
},
{
"cve": "CVE-2018-2766",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2766"
},
{
"cve": "CVE-2018-2762",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2762"
},
{
"cve": "CVE-2018-2761",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2761"
},
{
"cve": "CVE-2018-2759",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2759"
},
{
"cve": "CVE-2018-2758",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2758"
},
{
"cve": "CVE-2018-2755",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2755"
},
{
"cve": "CVE-2018-2598",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-2598"
},
{
"cve": "CVE-2018-1996",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1996"
},
{
"cve": "CVE-2018-1926",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1926"
},
{
"cve": "CVE-2018-1904",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1904"
},
{
"cve": "CVE-2018-1902",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1902"
},
{
"cve": "CVE-2018-1901",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1901"
},
{
"cve": "CVE-2018-1798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1798"
},
{
"cve": "CVE-2018-1797",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1797"
},
{
"cve": "CVE-2018-1794",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1794"
},
{
"cve": "CVE-2018-1793",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1793"
},
{
"cve": "CVE-2018-1777",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1777"
},
{
"cve": "CVE-2018-1770",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1770"
},
{
"cve": "CVE-2018-1767",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1767"
},
{
"cve": "CVE-2018-1719",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1719"
},
{
"cve": "CVE-2018-1695",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1695"
},
{
"cve": "CVE-2018-1656",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1656"
},
{
"cve": "CVE-2018-1643",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1643"
},
{
"cve": "CVE-2018-1621",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1621"
},
{
"cve": "CVE-2018-1614",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1614"
},
{
"cve": "CVE-2018-1567",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1567"
},
{
"cve": "CVE-2018-1447",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1447"
},
{
"cve": "CVE-2018-1428",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1428"
},
{
"cve": "CVE-2018-1427",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1427"
},
{
"cve": "CVE-2018-1426",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1426"
},
{
"cve": "CVE-2018-1301",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-1301"
},
{
"cve": "CVE-2018-12539",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-12539"
},
{
"cve": "CVE-2018-10237",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-10237"
},
{
"cve": "CVE-2018-0734",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0734"
},
{
"cve": "CVE-2018-0732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2018-0732"
},
{
"cve": "CVE-2017-9798",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-9798"
},
{
"cve": "CVE-2017-3738",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3738"
},
{
"cve": "CVE-2017-3737",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3737"
},
{
"cve": "CVE-2017-3736",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3736"
},
{
"cve": "CVE-2017-3735",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3735"
},
{
"cve": "CVE-2017-3732",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-3732"
},
{
"cve": "CVE-2017-1743",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1743"
},
{
"cve": "CVE-2017-1741",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1741"
},
{
"cve": "CVE-2017-1731",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1731"
},
{
"cve": "CVE-2017-1681",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-1681"
},
{
"cve": "CVE-2017-15715",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15715"
},
{
"cve": "CVE-2017-15710",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-15710"
},
{
"cve": "CVE-2017-12624",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12624"
},
{
"cve": "CVE-2017-12618",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12618"
},
{
"cve": "CVE-2017-12613",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2017-12613"
},
{
"cve": "CVE-2016-0705",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0705"
},
{
"cve": "CVE-2016-0702",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0702"
},
{
"cve": "CVE-2016-0701",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2016-0701"
},
{
"cve": "CVE-2015-0899",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2015-0899"
},
{
"cve": "CVE-2014-7810",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2014-7810"
},
{
"cve": "CVE-2012-5783",
"notes": [
{
"category": "description",
"text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen."
}
],
"release_date": "2023-06-28T22:00:00.000+00:00",
"title": "CVE-2012-5783"
}
]
}
gsd-2014-7810
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-7810",
"description": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"id": "GSD-2014-7810",
"references": [
"https://www.suse.com/security/cve/CVE-2014-7810.html",
"https://www.debian.org/security/2016/dsa-3530",
"https://www.debian.org/security/2016/dsa-3447",
"https://www.debian.org/security/2015/dsa-3428",
"https://access.redhat.com/errata/RHSA-2016:2046",
"https://access.redhat.com/errata/RHSA-2016:0492",
"https://access.redhat.com/errata/RHSA-2015:1622",
"https://access.redhat.com/errata/RHSA-2015:1621",
"https://ubuntu.com/security/CVE-2014-7810",
"https://alas.aws.amazon.com/cve/html/CVE-2014-7810.html",
"https://linux.oracle.com/cve/CVE-2014-7810.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-7810"
],
"details": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"id": "GSD-2014-7810",
"modified": "2023-12-13T01:22:46.967638Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:0492",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"name": "USN-2654-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"name": "RHSA-2015:1622",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"name": "DSA-3530",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"name": "http://tomcat.apache.org/security-7.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-7.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"name": "HPSBUX03561",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"name": "RHSA-2016:2046",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"name": "http://tomcat.apache.org/security-8.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-8.html"
},
{
"name": "DSA-3428",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"name": "http://tomcat.apache.org/security-6.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "74665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74665"
},
{
"name": "1032330",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032330"
},
{
"name": "USN-2655-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"name": "RHSA-2015:1621",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"name": "DSA-3447",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[6.0.0,6.0.44),[7.0.0,7.0.58),[8.0.0,8.0.16)",
"affected_versions": "All versions starting from 6.0.0 before 6.0.44, all versions starting from 7.0.0 before 7.0.58, all versions starting from 8.0.0 before 8.0.16",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-284",
"CWE-937"
],
"date": "2022-07-06",
"description": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"fixed_versions": [
"6.0.44",
"7.0.58",
"8.0.16"
],
"identifier": "CVE-2014-7810",
"identifiers": [
"GHSA-4c43-cwvx-9crh",
"CVE-2014-7810"
],
"not_impacted": "All versions before 6.0.0, all versions starting from 6.0.44 before 7.0.0, all versions starting from 7.0.58 before 8.0.0, all versions starting from 8.0.16",
"package_slug": "maven/org.apache.tomcat/tomcat",
"pubdate": "2022-05-14",
"solution": "Upgrade to versions 6.0.44, 7.0.58, 8.0.16 or above.",
"title": "Improper Access Control",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2014-7810",
"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964",
"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
"http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2",
"http://rhn.redhat.com/errata/RHSA-2015-1621.html",
"http://rhn.redhat.com/errata/RHSA-2015-1622.html",
"http://rhn.redhat.com/errata/RHSA-2016-0492.html",
"http://rhn.redhat.com/errata/RHSA-2016-2046.html",
"http://svn.apache.org/viewvc?view=revision\u0026revision=1644018",
"http://svn.apache.org/viewvc?view=revision\u0026revision=1645642",
"http://tomcat.apache.org/security-6.html",
"http://tomcat.apache.org/security-7.html",
"http://tomcat.apache.org/security-8.html",
"http://www.debian.org/security/2015/dsa-3428",
"http://www.debian.org/security/2016/dsa-3447",
"http://www.debian.org/security/2016/dsa-3530",
"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"http://www.ubuntu.com/usn/USN-2654-1",
"http://www.ubuntu.com/usn/USN-2655-1",
"https://github.com/advisories/GHSA-4c43-cwvx-9crh"
],
"uuid": "7db102f6-3997-4435-b4bc-dd430ebccd59"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7810"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"name": "http://tomcat.apache.org/security-6.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"name": "http://tomcat.apache.org/security-8.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-8.html"
},
{
"name": "http://tomcat.apache.org/security-7.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-7.html"
},
{
"name": "DSA-3530",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"name": "HPSBUX03561",
"refsource": "HP",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "RHSA-2016:2046",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "74665",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/74665"
},
{
"name": "RHSA-2016:0492",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"name": "DSA-3428",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"name": "DSA-3447",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"name": "RHSA-2015:1622",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"name": "RHSA-2015:1621",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"name": "USN-2655-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"name": "1032330",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1032330"
},
{
"name": "USN-2654-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2019-04-15T16:30Z",
"publishedDate": "2015-06-07T23:59Z"
}
}
}
ghsa-4c43-cwvx-9crh
Vulnerability from github
Published
2022-05-14 01:10
Modified
2022-07-06 21:05
VLAI Severity ?
Summary
Improper Access Control in Apache Tomcat
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.0.44"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.58"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "8.0.16"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-7810"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-06T21:05:15Z",
"nvd_published_at": "2015-06-07T23:59:00Z",
"severity": "MODERATE"
},
"details": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.",
"id": "GHSA-4c43-cwvx-9crh",
"modified": "2022-07-06T21:05:15Z",
"published": "2022-05-14T01:10:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810"
},
{
"type": "WEB",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"type": "WEB",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"type": "WEB",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-6.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-7.html"
},
{
"type": "WEB",
"url": "http://tomcat.apache.org/security-8.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2655-1"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Improper Access Control in Apache Tomcat"
}
fkie_cve-2014-7810
Vulnerability from fkie_nvd
Published
2015-06-07 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=145974991225029&w=2 | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-1621.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-1622.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0492.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2046.html | ||
| secalert@redhat.com | http://svn.apache.org/viewvc?view=revision&revision=1644018 | Patch | |
| secalert@redhat.com | http://svn.apache.org/viewvc?view=revision&revision=1645642 | Patch | |
| secalert@redhat.com | http://tomcat.apache.org/security-6.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://tomcat.apache.org/security-7.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://tomcat.apache.org/security-8.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3428 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3447 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3530 | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/74665 | ||
| secalert@redhat.com | http://www.securitytracker.com/id/1032330 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2654-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2655-1 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964 | Third Party Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=145974991225029&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1621.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1622.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0492.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2046.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.apache.org/viewvc?view=revision&revision=1644018 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.apache.org/viewvc?view=revision&revision=1645642 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tomcat.apache.org/security-6.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tomcat.apache.org/security-7.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tomcat.apache.org/security-8.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3447 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3530 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74665 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032330 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2654-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2655-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| apache | tomcat | 6.0.0 | |
| apache | tomcat | 6.0.0 | |
| apache | tomcat | 6.0.1 | |
| apache | tomcat | 6.0.1 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.3 | |
| apache | tomcat | 6.0.4 | |
| apache | tomcat | 6.0.4 | |
| apache | tomcat | 6.0.5 | |
| apache | tomcat | 6.0.6 | |
| apache | tomcat | 6.0.6 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.8 | |
| apache | tomcat | 6.0.8 | |
| apache | tomcat | 6.0.9 | |
| apache | tomcat | 6.0.9 | |
| apache | tomcat | 6.0.10 | |
| apache | tomcat | 6.0.11 | |
| apache | tomcat | 6.0.12 | |
| apache | tomcat | 6.0.13 | |
| apache | tomcat | 6.0.14 | |
| apache | tomcat | 6.0.15 | |
| apache | tomcat | 6.0.16 | |
| apache | tomcat | 6.0.17 | |
| apache | tomcat | 6.0.18 | |
| apache | tomcat | 6.0.19 | |
| apache | tomcat | 6.0.20 | |
| apache | tomcat | 6.0.24 | |
| apache | tomcat | 6.0.26 | |
| apache | tomcat | 6.0.27 | |
| apache | tomcat | 6.0.28 | |
| apache | tomcat | 6.0.29 | |
| apache | tomcat | 6.0.30 | |
| apache | tomcat | 6.0.31 | |
| apache | tomcat | 6.0.32 | |
| apache | tomcat | 6.0.33 | |
| apache | tomcat | 6.0.35 | |
| apache | tomcat | 6.0.36 | |
| apache | tomcat | 6.0.37 | |
| apache | tomcat | 6.0.39 | |
| apache | tomcat | 6.0.41 | |
| apache | tomcat | 6.0.43 | |
| apache | tomcat | 7.0.0 | |
| apache | tomcat | 7.0.0 | |
| apache | tomcat | 7.0.1 | |
| apache | tomcat | 7.0.2 | |
| apache | tomcat | 7.0.2 | |
| apache | tomcat | 7.0.3 | |
| apache | tomcat | 7.0.4 | |
| apache | tomcat | 7.0.4 | |
| apache | tomcat | 7.0.5 | |
| apache | tomcat | 7.0.6 | |
| apache | tomcat | 7.0.7 | |
| apache | tomcat | 7.0.8 | |
| apache | tomcat | 7.0.9 | |
| apache | tomcat | 7.0.10 | |
| apache | tomcat | 7.0.11 | |
| apache | tomcat | 7.0.12 | |
| apache | tomcat | 7.0.13 | |
| apache | tomcat | 7.0.14 | |
| apache | tomcat | 7.0.15 | |
| apache | tomcat | 7.0.16 | |
| apache | tomcat | 7.0.17 | |
| apache | tomcat | 7.0.18 | |
| apache | tomcat | 7.0.19 | |
| apache | tomcat | 7.0.20 | |
| apache | tomcat | 7.0.21 | |
| apache | tomcat | 7.0.22 | |
| apache | tomcat | 7.0.23 | |
| apache | tomcat | 7.0.24 | |
| apache | tomcat | 7.0.25 | |
| apache | tomcat | 7.0.26 | |
| apache | tomcat | 7.0.27 | |
| apache | tomcat | 7.0.28 | |
| apache | tomcat | 7.0.29 | |
| apache | tomcat | 7.0.30 | |
| apache | tomcat | 7.0.31 | |
| apache | tomcat | 7.0.32 | |
| apache | tomcat | 7.0.33 | |
| apache | tomcat | 7.0.34 | |
| apache | tomcat | 7.0.35 | |
| apache | tomcat | 7.0.36 | |
| apache | tomcat | 7.0.37 | |
| apache | tomcat | 7.0.38 | |
| apache | tomcat | 7.0.39 | |
| apache | tomcat | 7.0.40 | |
| apache | tomcat | 7.0.41 | |
| apache | tomcat | 7.0.42 | |
| apache | tomcat | 7.0.43 | |
| apache | tomcat | 7.0.44 | |
| apache | tomcat | 7.0.45 | |
| apache | tomcat | 7.0.46 | |
| apache | tomcat | 7.0.47 | |
| apache | tomcat | 7.0.48 | |
| apache | tomcat | 7.0.49 | |
| apache | tomcat | 7.0.50 | |
| apache | tomcat | 7.0.52 | |
| apache | tomcat | 7.0.53 | |
| apache | tomcat | 7.0.54 | |
| apache | tomcat | 7.0.55 | |
| apache | tomcat | 7.0.56 | |
| apache | tomcat | 7.0.57 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.1 | |
| apache | tomcat | 8.0.3 | |
| apache | tomcat | 8.0.5 | |
| apache | tomcat | 8.0.8 | |
| apache | tomcat | 8.0.9 | |
| apache | tomcat | 8.0.11 | |
| apache | tomcat | 8.0.12 | |
| apache | tomcat | 8.0.14 | |
| apache | tomcat | 8.0.15 | |
| apache | tomcat | 6.0.0 | |
| apache | tomcat | 6.0.0 | |
| apache | tomcat | 6.0.1 | |
| apache | tomcat | 6.0.1 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.2 | |
| apache | tomcat | 6.0.3 | |
| apache | tomcat | 6.0.4 | |
| apache | tomcat | 6.0.4 | |
| apache | tomcat | 6.0.5 | |
| apache | tomcat | 6.0.6 | |
| apache | tomcat | 6.0.6 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.7 | |
| apache | tomcat | 6.0.8 | |
| apache | tomcat | 6.0.8 | |
| apache | tomcat | 6.0.9 | |
| apache | tomcat | 6.0.9 | |
| apache | tomcat | 6.0.10 | |
| apache | tomcat | 6.0.11 | |
| apache | tomcat | 6.0.12 | |
| apache | tomcat | 6.0.13 | |
| apache | tomcat | 6.0.14 | |
| apache | tomcat | 6.0.15 | |
| apache | tomcat | 6.0.16 | |
| apache | tomcat | 6.0.17 | |
| apache | tomcat | 6.0.18 | |
| apache | tomcat | 6.0.19 | |
| apache | tomcat | 6.0.20 | |
| apache | tomcat | 6.0.24 | |
| apache | tomcat | 6.0.26 | |
| apache | tomcat | 6.0.27 | |
| apache | tomcat | 6.0.28 | |
| apache | tomcat | 6.0.29 | |
| apache | tomcat | 6.0.30 | |
| apache | tomcat | 6.0.31 | |
| apache | tomcat | 6.0.32 | |
| apache | tomcat | 6.0.33 | |
| apache | tomcat | 6.0.35 | |
| apache | tomcat | 6.0.36 | |
| apache | tomcat | 6.0.37 | |
| apache | tomcat | 6.0.39 | |
| apache | tomcat | 6.0.41 | |
| apache | tomcat | 6.0.43 | |
| apache | tomcat | 7.0.0 | |
| apache | tomcat | 7.0.0 | |
| apache | tomcat | 7.0.1 | |
| apache | tomcat | 7.0.2 | |
| apache | tomcat | 7.0.2 | |
| apache | tomcat | 7.0.3 | |
| apache | tomcat | 7.0.4 | |
| apache | tomcat | 7.0.4 | |
| apache | tomcat | 7.0.5 | |
| apache | tomcat | 7.0.6 | |
| apache | tomcat | 7.0.7 | |
| apache | tomcat | 7.0.8 | |
| apache | tomcat | 7.0.9 | |
| apache | tomcat | 7.0.10 | |
| apache | tomcat | 7.0.11 | |
| apache | tomcat | 7.0.12 | |
| apache | tomcat | 7.0.13 | |
| apache | tomcat | 7.0.14 | |
| apache | tomcat | 7.0.15 | |
| apache | tomcat | 7.0.16 | |
| apache | tomcat | 7.0.17 | |
| apache | tomcat | 7.0.18 | |
| apache | tomcat | 7.0.19 | |
| apache | tomcat | 7.0.20 | |
| apache | tomcat | 7.0.21 | |
| apache | tomcat | 7.0.22 | |
| apache | tomcat | 7.0.23 | |
| apache | tomcat | 7.0.24 | |
| apache | tomcat | 7.0.25 | |
| apache | tomcat | 7.0.26 | |
| apache | tomcat | 7.0.27 | |
| apache | tomcat | 7.0.28 | |
| apache | tomcat | 7.0.29 | |
| apache | tomcat | 7.0.30 | |
| apache | tomcat | 7.0.31 | |
| apache | tomcat | 7.0.32 | |
| apache | tomcat | 7.0.33 | |
| apache | tomcat | 7.0.34 | |
| apache | tomcat | 7.0.35 | |
| apache | tomcat | 7.0.36 | |
| apache | tomcat | 7.0.37 | |
| apache | tomcat | 7.0.38 | |
| apache | tomcat | 7.0.39 | |
| apache | tomcat | 7.0.40 | |
| apache | tomcat | 7.0.41 | |
| apache | tomcat | 7.0.42 | |
| apache | tomcat | 7.0.43 | |
| apache | tomcat | 7.0.44 | |
| apache | tomcat | 7.0.45 | |
| apache | tomcat | 7.0.46 | |
| apache | tomcat | 7.0.47 | |
| apache | tomcat | 7.0.48 | |
| apache | tomcat | 7.0.49 | |
| apache | tomcat | 7.0.50 | |
| apache | tomcat | 7.0.52 | |
| apache | tomcat | 7.0.53 | |
| apache | tomcat | 7.0.54 | |
| apache | tomcat | 7.0.55 | |
| apache | tomcat | 7.0.56 | |
| apache | tomcat | 7.0.57 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.0 | |
| apache | tomcat | 8.0.1 | |
| apache | tomcat | 8.0.3 | |
| apache | tomcat | 8.0.5 | |
| apache | tomcat | 8.0.8 | |
| apache | tomcat | 8.0.9 | |
| apache | tomcat | 8.0.11 | |
| apache | tomcat | 8.0.12 | |
| apache | tomcat | 8.0.14 | |
| apache | tomcat | 8.0.15 | |
| hp | hp-ux | 11.31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49E3C039-A949-4F1B-892A-57147EECB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "0A354C34-A3FE-4B8A-9985-8874A0634BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F28C7801-41B9-4552-BA1E-577967BCBBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "CFE300CC-FD4A-444E-8506-E5E269D0A0A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25B21085-7259-4685-9D1F-FF98E6489E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "F50A3EC9-516E-48A7-839B-A73F491B5B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "635EE321-2A1F-4FF8-95BE-0C26591969D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*",
"matchCriteriaId": "31AB969A-9ACE-44EF-B2E5-CEC008F47C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "06217215-72E4-4478-BACB-628A0836A645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9C95ADA4-66F5-45C4-A677-ACE22367A75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*",
"matchCriteriaId": "EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11951A10-39A2-4FF5-8C43-DF94730FB794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*",
"matchCriteriaId": "8B79F2EA-C893-4359-80EC-24AE38D982E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "351E5BCF-A56B-4D91-BA3C-21A4B77D529A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC2BBB4-171E-4EFF-A575-A5B7FF031755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6B0504-27C1-4824-A928-A878CBBAB32D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D903956B-14F5-4177-AF12-0A5F1846D3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81F847DC-A2F5-456C-9038-16A0E85F4C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B93A3A-D487-4CA1-8257-26F8FE287B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8802B2-57E0-4AA6-BC8E-00DE60468569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "8461DF95-18DC-4BF5-A703-7F19DA88DC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2823789C-2CB6-4300-94DB-BDBE83ABA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "A61429EE-4331-430C-9830-58DCCBCBCB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "31B3593F-CEDF-423C-90F8-F88EED87DC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7862B2-E1FA-4E16-92CD-8918AB461D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E03BE3-60CC-4415-B993-D0BB00F87A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "48E5E8C3-21AD-4230-B945-AB7DE66307B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4945C8C1-C71B-448B-9075-07C6C92599CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4730B0-2E09-408B-AFD4-FE00F73700FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DE8A8A-7643-4292-BCC1-758AE0940207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B54FCD-CF7C-47E2-8513-40419E47AF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D87EFB6D-B626-469F-907C-40C771A55833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6330B97B-8FC5-4D7E-A960-5D94EDD0C378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8C62EF-1B67-456A-9C66-755439CF8556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "33E9607B-4D28-460D-896B-E4B7FA22441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A819E245-D641-4F19-9139-6C940504F6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "81A31CA0-A209-4C49-AA06-C38E165E5B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7205475A-6D04-4042-B24E-1DA5A57029B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08022987-B36B-4F63-88A5-A8F59195DF4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "0AA563BF-A67A-477D-956A-167ABEF885C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4B7557-EF35-451E-B55D-3296966695AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8980E61E-27BE-4858-82B3-C0E8128AF521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8756BF9B-3E24-4677-87AE-31CE776541F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE057E-2092-4C98-8D0C-75CF439D0A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8F194580-EE6D-4E38-87F3-F0661262256B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A9731BAA-4C6C-4259-B786-F577D8A90FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1F74A421-D019-4248-84B8-C70D4D9A8A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "05346F5A-FB52-4376-AAC7-9A5308216545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "305688F2-50A6-41FB-8614-BC589DB9A789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D24AA431-C436-4AA5-85DF-B9AAFF2548FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "25966344-15D5-4101-9346-B06BFD2DFFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4CBAC-27B1-4EFF-955A-A63B457D0578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FD55B338-9DBE-4643-ABED-A08964D3AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4F710E-06EA-48F4-AC6A-6F143950F015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4936C2-0B2D-4C44-98C3-443090965F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "48453405-2319-4327-9F4C-6F70B49452C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "49DD9544-6424-41A6-AEC0-EC19B8A10E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E4670E65-2E11-49A4-B661-57C2F60D411F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8FF71D-4710-4FBB-9925-A6A26C450F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "31002A23-4788-4BC7-AE11-A3C2AA31716D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7144EDDF-8265-4642-8EEB-ED52527E0A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "DF06B5C1-B9DD-4673-A101-56E1E593ACDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7D731065-626B-4425-8E49-F708DD457824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D850EA-E537-42C8-93B9-96E15CB26747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "E037DA05-2BEF-4F64-B8BB-307247B6A05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D395D95B-1F4A-420E-A0F6-609360AF7B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD221BA-0AB6-4972-8AD9-5D37AC07762F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E55B6565-96CB-4F6A-9A80-C3FB82F30546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "D3300AFE-49A4-4904-B9A0-5679F09FA01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8A7333-B4C3-4876-AE01-62F2FD315504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "92993E23-D805-407B-8B87-11CEEE8B212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "7A11BD74-305C-41E2-95B1-5008EEF5FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "595442D0-9DB7-475A-AE30-8535B70E122E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0BA92A-0BD3-4CE4-9465-95E949104BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "C947E549-2459-4AFB-84A7-36BDA30B5F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "5D55DF79-F9BE-4907-A4D8-96C4B11189ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "14AB5787-82D7-4F78-BE93-4556AB7A7D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E9453E-BC9B-4F77-85FA-BA15AC55C245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EF0518-73F9-47DB-8946-A8334936BEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "95AA8778-7833-4572-A71B-5FD89938CE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "242E47CE-EF69-4F8F-AB40-5AF2811674CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4752862B-7D26-4285-B8A0-CF082C758353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
"matchCriteriaId": "58EA7199-3373-4F97-9907-3A479A02155E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4693BD36-E522-4C8E-9667-8F3E14A05EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF96F96-34DB-4EB3-BF59-11220673FA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "61E008F8-2F01-4DD8-853A-337B4B4163C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6A776B25-6AF1-421B-8E47-2A7499F6B4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701424A2-BB06-44B5-B468-7164E4F95529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A5B7E-33A9-4651-9BE1-371A0064B661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F99252E8-A59C-48E1-B251-718D7FB3E399",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49E3C039-A949-4F1B-892A-57147EECB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "0A354C34-A3FE-4B8A-9985-8874A0634BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F28C7801-41B9-4552-BA1E-577967BCBBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "CFE300CC-FD4A-444E-8506-E5E269D0A0A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25B21085-7259-4685-9D1F-FF98E6489E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "F50A3EC9-516E-48A7-839B-A73F491B5B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "635EE321-2A1F-4FF8-95BE-0C26591969D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*",
"matchCriteriaId": "31AB969A-9ACE-44EF-B2E5-CEC008F47C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "06217215-72E4-4478-BACB-628A0836A645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9C95ADA4-66F5-45C4-A677-ACE22367A75A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*",
"matchCriteriaId": "EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11951A10-39A2-4FF5-8C43-DF94730FB794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*",
"matchCriteriaId": "8B79F2EA-C893-4359-80EC-24AE38D982E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "351E5BCF-A56B-4D91-BA3C-21A4B77D529A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC2BBB4-171E-4EFF-A575-A5B7FF031755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6B0504-27C1-4824-A928-A878CBBAB32D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D903956B-14F5-4177-AF12-0A5F1846D3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "81F847DC-A2F5-456C-9038-16A0E85F4C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B93A3A-D487-4CA1-8257-26F8FE287B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8802B2-57E0-4AA6-BC8E-00DE60468569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "8461DF95-18DC-4BF5-A703-7F19DA88DC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2823789C-2CB6-4300-94DB-BDBE83ABA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "A61429EE-4331-430C-9830-58DCCBCBCB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "31B3593F-CEDF-423C-90F8-F88EED87DC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7862B2-E1FA-4E16-92CD-8918AB461D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E03BE3-60CC-4415-B993-D0BB00F87A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "48E5E8C3-21AD-4230-B945-AB7DE66307B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4945C8C1-C71B-448B-9075-07C6C92599CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4730B0-2E09-408B-AFD4-FE00F73700FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DE8A8A-7643-4292-BCC1-758AE0940207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B54FCD-CF7C-47E2-8513-40419E47AF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "D87EFB6D-B626-469F-907C-40C771A55833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "6330B97B-8FC5-4D7E-A960-5D94EDD0C378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8C62EF-1B67-456A-9C66-755439CF8556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "33E9607B-4D28-460D-896B-E4B7FA22441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A819E245-D641-4F19-9139-6C940504F6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "81A31CA0-A209-4C49-AA06-C38E165E5B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7205475A-6D04-4042-B24E-1DA5A57029B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08022987-B36B-4F63-88A5-A8F59195DF4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "0AA563BF-A67A-477D-956A-167ABEF885C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4B7557-EF35-451E-B55D-3296966695AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8980E61E-27BE-4858-82B3-C0E8128AF521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8756BF9B-3E24-4677-87AE-31CE776541F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE057E-2092-4C98-8D0C-75CF439D0A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8F194580-EE6D-4E38-87F3-F0661262256B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A9731BAA-4C6C-4259-B786-F577D8A90FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1F74A421-D019-4248-84B8-C70D4D9A8A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "05346F5A-FB52-4376-AAC7-9A5308216545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "305688F2-50A6-41FB-8614-BC589DB9A789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D24AA431-C436-4AA5-85DF-B9AAFF2548FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "25966344-15D5-4101-9346-B06BFD2DFFF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "11F4CBAC-27B1-4EFF-955A-A63B457D0578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FD55B338-9DBE-4643-ABED-A08964D3AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4F710E-06EA-48F4-AC6A-6F143950F015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4936C2-0B2D-4C44-98C3-443090965F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "48453405-2319-4327-9F4C-6F70B49452C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "49DD9544-6424-41A6-AEC0-EC19B8A10E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E4670E65-2E11-49A4-B661-57C2F60D411F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8FF71D-4710-4FBB-9925-A6A26C450F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "31002A23-4788-4BC7-AE11-A3C2AA31716D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7144EDDF-8265-4642-8EEB-ED52527E0A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "DF06B5C1-B9DD-4673-A101-56E1E593ACDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "7D731065-626B-4425-8E49-F708DD457824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D850EA-E537-42C8-93B9-96E15CB26747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "E037DA05-2BEF-4F64-B8BB-307247B6A05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D395D95B-1F4A-420E-A0F6-609360AF7B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD221BA-0AB6-4972-8AD9-5D37AC07762F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E55B6565-96CB-4F6A-9A80-C3FB82F30546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "D3300AFE-49A4-4904-B9A0-5679F09FA01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8A7333-B4C3-4876-AE01-62F2FD315504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "92993E23-D805-407B-8B87-11CEEE8B212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "7A11BD74-305C-41E2-95B1-5008EEF5FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "595442D0-9DB7-475A-AE30-8535B70E122E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0BA92A-0BD3-4CE4-9465-95E949104BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "C947E549-2459-4AFB-84A7-36BDA30B5F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "5D55DF79-F9BE-4907-A4D8-96C4B11189ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "14AB5787-82D7-4F78-BE93-4556AB7A7D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E9453E-BC9B-4F77-85FA-BA15AC55C245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EF0518-73F9-47DB-8946-A8334936BEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "95AA8778-7833-4572-A71B-5FD89938CE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "242E47CE-EF69-4F8F-AB40-5AF2811674CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4752862B-7D26-4285-B8A0-CF082C758353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
"matchCriteriaId": "58EA7199-3373-4F97-9907-3A479A02155E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4693BD36-E522-4C8E-9667-8F3E14A05EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF96F96-34DB-4EB3-BF59-11220673FA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "61E008F8-2F01-4DD8-853A-337B4B4163C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6A776B25-6AF1-421B-8E47-2A7499F6B4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "701424A2-BB06-44B5-B468-7164E4F95529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A5B7E-33A9-4651-9BE1-371A0064B661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F99252E8-A59C-48E1-B251-718D7FB3E399",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC82871-E47F-4431-AAE0-A714D7D22670",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation."
},
{
"lang": "es",
"value": "La implementaci\u00f3n Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protecci\u00f3n SecurityManager a trav\u00e9s de una aplicaci\u00f3n web que aprovecha el uso de privilegios incorrectos durante la evaluaci\u00f3n EL."
}
],
"id": "CVE-2014-7810",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-07T23:59:03.580",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-7.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-8.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/74665"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1032330"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-7.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tomcat.apache.org/security-8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2654-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2655-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…