tomcat7-javadoc vulnerabilities

Known vulnerabilities in the tomcat7-javadoc package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Off-by-one Error	*
H Improper Check for Certificate Revocation	<0:7.0.70-25.ep7.el7
H Improper Authentication	<0:7.0.70-27.ep7.el7
H Improper Authentication	<0:7.0.70-27.ep7.el7
H Cross-site Scripting (XSS)	<0:7.0.59-16_patch_00.ep7.el7
M Information Exposure	<0:7.0.59-26_patch_00.ep7.el7
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
L Memory Leak	*
L HTTP Request Smuggling	*
L Cross-site Scripting (XSS)	*
L Deserialization of Untrusted Data	<0:7.0.70-46.ep7.el7
L SQL Injection	<0:7.0.70-46.ep7.el7
L Deserialization of Untrusted Data	<0:7.0.70-46.ep7.el7
L Improper Input Validation	<0:7.0.70-46.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Deserialization of Untrusted Data	<0:7.0.70-16.ep7.el7
H Improper Access Control	<0:7.0.70-16.ep7.el7
H Improper Input Validation	*
H Improper Access Control	<0:7.0.70-25.ep7.el7
H Improper Access Control	<0:7.0.70-25.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:7.0.70-29.ep7.el7
H Out-of-bounds Read	<0:7.0.70-25.ep7.el7
H Information Exposure	<0:7.0.70-22.ep7.el7
H Improper Input Validation	<0:7.0.70-25.ep7.el7
H Insufficient Verification of Data Authenticity	<0:7.0.70-22.ep7.el7
H Improper Input Validation	<0:7.0.70-25.ep7.el7
H Incorrect Privilege Assignment	<0:7.0.70-22.ep7.el7
H Exposure of Resource to Wrong Sphere	<0:7.0.70-22.ep7.el7
H Error Handling	<0:7.0.70-16.ep7.el7
H HTTP Request Smuggling	<0:7.0.70-16.ep7.el7
H Resource Exhaustion	<0:7.0.70-22.ep7.el7
M Files or Directories Accessible to External Parties	<0:7.0.59-50_patch_01.ep7.el7
M Authentication Bypass	<0:7.0.59-50_patch_01.ep7.el7
M Improper Authentication	<0:7.0.59-50_patch_01.ep7.el7
M Cross-site Request Forgery (CSRF)	<0:7.0.59-50_patch_01.ep7.el7
M Allocation of Resources Without Limits or Throttling	<0:7.0.59-26_patch_00.ep7.el7
H Improper Input Validation	<0:7.0.70-16.ep7.el7
M Improper Authentication	<0:7.0.59-50_patch_01.ep7.el7
M Directory Traversal	<0:7.0.59-42_patch_01.ep7.el7
H Resource Exhaustion	<0:7.0.70-22.ep7.el7
H Improper Access Control	<0:7.0.70-16.ep7.el7
H Improper Input Validation	<0:7.0.59-51_patch_01.ep7.el7
M CVE-2015-5346	<0:7.0.59-50_patch_01.ep7.el7
H Improper Input Validation	<0:7.0.59-51_patch_01.ep7.el7
M Encoding Error	<0:7.0.59-42_patch_01.ep7.el7
M NULL Pointer Dereference	<0:7.0.59-26_patch_00.ep7.el7
M NULL Pointer Dereference	<0:7.0.59-42_patch_01.ep7.el7
M Improper Authentication	<0:7.0.59-42_patch_01.ep7.el7
H HTTP Request Smuggling	<0:7.0.70-41.ep7.el7
H Deserialization of Untrusted Data	<0:7.0.70-22.ep7.el7
M Uncontrolled Recursion	<0:7.0.70-34.ep7.el7
M Improper Input Validation	<0:7.0.70-31.ep7.el7
H Improper Access Control	<0:7.0.70-27.ep7.el7
M Resource Injection	<0:7.0.70-31.ep7.el7
H Deserialization of Untrusted Data	<0:7.0.70-22.ep7.el7
H Information Exposure	<0:7.0.70-25.ep7.el7
H Covert Timing Channel	<0:7.0.70-22.ep7.el7
H Improper Access Control	<0:7.0.70-16.ep7.el7
H Security Features	<0:7.0.70-16.ep7.el7
H Information Exposure	<0:7.0.70-16.ep7.el7
H Security Features	<0:7.0.70-16.ep7.el7
H Deserialization of Untrusted Data	<0:7.0.70-40.ep7.el7
H Access Restriction Bypass	<0:7.0.70-16.ep7.el7
H Improper Authorization	<0:7.0.70-38.ep7.el7
H Resource Exhaustion	<0:7.0.70-41.ep7.el7
H Session Fixation	<0:7.0.70-38.ep7.el7
H Improper Access Control	<0:7.0.70-38.ep7.el7
H Cross-site Scripting (XSS)	<0:7.0.70-38.ep7.el7

Vulnerability

Vulnerable Version

Off-by-one Error