tomcat8-javadoc vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat8-javadoc package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Off-by-one Error	*
H Improper Check for Certificate Revocation	<0:8.0.36-29.ep7.el7
H Improper Authentication	<0:8.0.36-31.ep7.el7
H Improper Authentication	<0:8.0.36-31.ep7.el7
H Cross-site Scripting (XSS)	<0:8.0.18-15_patch_00.ep7.el7
M Information Exposure	<0:8.0.18-25_patch_00.ep7.el7
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
L Arbitrary Code Injection	*
L Memory Leak	*
L HTTP Request Smuggling	*
L Cross-site Scripting (XSS)	*
L Deserialization of Untrusted Data	<0:8.0.36-49.ep7.el7
L SQL Injection	<0:8.0.36-49.ep7.el7
L Deserialization of Untrusted Data	<0:8.0.36-49.ep7.el7
L Improper Input Validation	<0:8.0.36-49.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Deserialization of Untrusted Data	<0:8.0.36-17.ep7.el7
H Improper Access Control	<0:8.0.36-17.ep7.el7
H Improper Input Validation	*
H Improper Access Control	<0:8.0.36-29.ep7.el7
H Improper Access Control	<0:8.0.36-29.ep7.el7
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:8.0.36-33.ep7.el7
H Out-of-bounds Read	<0:8.0.36-29.ep7.el7
H Information Exposure	<0:8.0.36-24.ep7.el7
H Improper Input Validation	<0:8.0.36-29.ep7.el7
H Insufficient Verification of Data Authenticity	<0:8.0.36-24.ep7.el7
H Improper Input Validation	<0:8.0.36-29.ep7.el7
H Incorrect Privilege Assignment	<0:8.0.36-24.ep7.el7
H Exposure of Resource to Wrong Sphere	<0:8.0.36-24.ep7.el7
H Error Handling	<0:8.0.36-17.ep7.el7
H HTTP Request Smuggling	<0:8.0.36-17.ep7.el7
H Resource Exhaustion	<0:8.0.36-24.ep7.el7
M Files or Directories Accessible to External Parties	<0:8.0.18-61_patch_01.ep7.el7
M Authentication Bypass	<0:8.0.18-61_patch_01.ep7.el7
M Improper Authentication	<0:8.0.18-61_patch_01.ep7.el7
M Cross-site Request Forgery (CSRF)	<0:8.0.18-61_patch_01.ep7.el7
M Allocation of Resources Without Limits or Throttling	<0:8.0.18-52_patch_01.ep7.el7
H Improper Input Validation	<0:8.0.36-17.ep7.el7
M Improper Authentication	<0:8.0.18-61_patch_01.ep7.el7
M Directory Traversal	<0:8.0.18-52_patch_01.ep7.el7
H Resource Exhaustion	<0:8.0.36-24.ep7.el7
H Improper Access Control	<0:8.0.36-17.ep7.el7
H Improper Input Validation	<0:8.0.18-62_patch_01.ep7.el7
M CVE-2015-5346	<0:8.0.18-61_patch_01.ep7.el7
H Improper Input Validation	<0:8.0.18-62_patch_01.ep7.el7
M Encoding Error	<0:8.0.18-52_patch_01.ep7.el7
M NULL Pointer Dereference	<0:8.0.18-25_patch_00.ep7.el7
M NULL Pointer Dereference	<0:8.0.18-52_patch_01.ep7.el7
M Improper Authentication	<0:8.0.18-52_patch_01.ep7.el7
H HTTP Request Smuggling	<0:8.0.36-45.ep7.el7
H Deserialization of Untrusted Data	<0:8.0.36-24.ep7.el7
M Uncontrolled Recursion	<0:8.0.36-39.ep7.el7
M Improper Input Validation	<0:8.0.36-35.ep7.el7
H Improper Access Control	<0:8.0.36-31.ep7.el7
M Resource Injection	<0:8.0.36-35.ep7.el7
H Deserialization of Untrusted Data	<0:8.0.36-24.ep7.el7
M Information Exposure	<0:8.0.36-29.ep7.el7
H Covert Timing Channel	<0:8.0.36-24.ep7.el7
H Improper Access Control	<0:8.0.36-17.ep7.el7
H Security Features	<0:8.0.36-17.ep7.el7
H Information Exposure	<0:8.0.36-17.ep7.el7
H Security Features	<0:8.0.36-17.ep7.el7
H Deserialization of Untrusted Data	<0:8.0.36-44.ep7.el7
H Access Restriction Bypass	<0:8.0.36-17.ep7.el7
H Improper Authorization	<0:8.0.36-42.ep7.el7
H Resource Exhaustion	<0:8.0.36-45.ep7.el7
H Session Fixation	<0:8.0.36-42.ep7.el7
H Improper Access Control	<0:8.0.36-42.ep7.el7
H Cross-site Scripting (XSS)	<0:8.0.36-42.ep7.el7

Vulnerability

Vulnerable Version

Off-by-one Error