tomcat-native vulnerabilities

Known vulnerabilities in the tomcat-native package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Improper Check for Certificate Revocation	<0:1.2.8-11.redhat_11.ep7.el7
H Improper Authentication	<0:1.2.17-17.redhat_17.ep7.el7
H Improper Authentication	<0:1.2.17-17.redhat_17.ep7.el7
M Out-of-Bounds	<0:1.1.34-5.redhat_1.ep6.el7
M Improper Input Validation	<0:1.1.34-5.redhat_1.ep6.el7
H Insufficient Verification of Data Authenticity	<0:1.1.32-3.redhat_1.ep6.el7
H Cross-site Scripting (XSS)	<0:1.1.32-3.redhat_1.ep6.el7
H Cross-site Scripting (XSS)	<0:1.1.32-2.redhat_2.ep7.el7
H Authentication Bypass by Primary Weakness	<0:1.1.32-3.redhat_1.ep6.el7
H Improperly Implemented Security Check for Standard	<0:1.1.32-3.redhat_1.ep6.el7
H Use of a Broken or Risky Cryptographic Algorithm	<0:1.1.32-3.redhat_1.ep6.el7
H Incorrect Permission Assignment for Critical Resource	<0:1.1.32-3.redhat_1.ep6.el7
H Information Exposure	<0:1.1.32-3.redhat_1.ep6.el7
L Deserialization of Untrusted Data	<0:1.2.23-26.redhat_26.ep7.el7
L SQL Injection	<0:1.2.23-26.redhat_26.ep7.el7
L Deserialization of Untrusted Data	<0:1.2.23-26.redhat_26.ep7.el7
L Improper Input Validation	<0:1.2.23-26.redhat_26.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.8-9.redhat_9.ep7.el7
H Improper Access Control	<0:1.2.8-9.redhat_9.ep7.el7
H Improper Access Control	<0:1.2.8-11.redhat_11.ep7.el7
H Improper Access Control	<0:1.2.8-11.redhat_11.ep7.el7
H Out-of-bounds Read	<0:1.2.8-11.redhat_11.ep7.el7
H Information Exposure	<0:1.2.8-10.redhat_10.ep7.el7
H Improper Input Validation	<0:1.2.8-11.redhat_11.ep7.el7
H Insufficient Verification of Data Authenticity	<0:1.2.8-10.redhat_10.ep7.el7
H Improper Input Validation	<0:1.2.8-11.redhat_11.ep7.el7
H Improper Certificate Validation	<0:1.2.23-24.redhat_24.ep7.el7
H NULL Pointer Dereference	<0:1.2.23-24.redhat_24.ep7.el7
H Incorrect Privilege Assignment	<0:1.2.8-10.redhat_10.ep7.el7
H Exposure of Resource to Wrong Sphere	<0:1.2.8-10.redhat_10.ep7.el7
H Error Handling	<0:1.2.8-9.redhat_9.ep7.el7
H HTTP Request Smuggling	<0:1.2.8-9.redhat_9.ep7.el7
H Resource Exhaustion	<0:1.2.8-10.redhat_10.ep7.el7
H Improper Input Validation	<0:1.2.8-9.redhat_9.ep7.el7
H Resource Exhaustion	<0:1.2.8-10.redhat_10.ep7.el7
H Improper Access Control	<0:1.2.8-9.redhat_9.ep7.el7
M Encoding Error	<0:1.1.34-5.redhat_1.ep6.el7
L NULL Pointer Dereference	<0:1.2.23-23.redhat_23.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.8-10.redhat_10.ep7.el7
M Uncontrolled Recursion	<0:1.2.17-19.redhat_19.ep7.el7
M Improper Input Validation	<0:1.2.17-18.redhat_18.ep7.el7
H Improper Access Control	<0:1.2.17-17.redhat_17.ep7.el7
M Resource Injection	<0:1.2.17-18.redhat_18.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.8-10.redhat_10.ep7.el7
H Information Exposure	<0:1.2.8-11.redhat_11.ep7.el7
H Covert Timing Channel	<0:1.2.8-10.redhat_10.ep7.el7
H Improper Access Control	<0:1.2.8-9.redhat_9.ep7.el7
H Security Features	<0:1.2.8-9.redhat_9.ep7.el7
H Information Exposure	<0:1.2.8-9.redhat_9.ep7.el7
H Security Features	<0:1.2.8-9.redhat_9.ep7.el7
H Deserialization of Untrusted Data	<0:1.2.23-22.redhat_22.ep7.el7
H Access Restriction Bypass	<0:1.2.8-9.redhat_9.ep7.el7
H Improper Authorization	<0:1.2.23-21.redhat_21.ep7.el7
H Session Fixation	<0:1.2.23-21.redhat_21.ep7.el7
H Improper Access Control	<0:1.2.23-21.redhat_21.ep7.el7
H Cross-site Scripting (XSS)	<0:1.2.23-21.redhat_21.ep7.el7

Vulnerability

Vulnerable Version

Improper Check for Certificate Revocation

<0:1.2.8-11.redhat_11.ep7.el7

Improper Authentication

<0:1.2.17-17.redhat_17.ep7.el7

Improper Authentication

<0:1.2.17-17.redhat_17.ep7.el7

Out-of-Bounds

<0:1.1.34-5.redhat_1.ep6.el7

Improper Input Validation

<0:1.1.34-5.redhat_1.ep6.el7