tomcat8 vulnerabilities

Known vulnerabilities in the tomcat8 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Time-of-check Time-of-use (TOCTOU)	<8.0.32-1ubuntu1.13+esm1
M Missing Release of Resource after Effective Lifetime	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<8.0.32-1ubuntu1.13
L Deserialization of Untrusted Data	<8.0.32-1ubuntu1.13
L HTTP Request Smuggling	<8.0.32-1ubuntu1.13
L Improper Input Validation	*
M Insufficiently Protected Credentials	<8.0.32-1ubuntu1.11
L Session Fixation	<8.0.32-1ubuntu1.11
L Cross-site Scripting (XSS)	<8.0.32-1ubuntu1.10
M Open Redirect	<8.0.32-1ubuntu1.8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<8.0.32-1ubuntu1.7
L Improper Certificate Validation	<8.0.32-1ubuntu1.7
L Insecure Default Initialization of Resource	<8.0.32-1ubuntu1.6
M CVE-2018-1304	<8.0.32-1ubuntu1.6
M CVE-2018-1305	<8.0.32-1ubuntu1.6
H Unrestricted Upload of File with Dangerous Type	<8.0.32-1ubuntu1.6
L Security Features	<8.0.32-1ubuntu1.3
M Insufficient Verification of Data Authenticity	<8.0.32-1ubuntu1.5
L Improper Access Control	<8.0.32-1ubuntu1.3
M Error Handling	<8.0.32-1ubuntu1.3
L Information Exposure	<8.0.32-1ubuntu1.3
L Access Restriction Bypass	<8.0.32-1ubuntu1.3
M Security Features	<8.0.32-1ubuntu1.3
M Improper Handling of Exceptional Conditions	<8.0.32-1ubuntu1.5
M Information Exposure	<8.0.32-1ubuntu1.5
M Exposure of Resource to Wrong Sphere	<8.0.32-1ubuntu1.5
H Improper Access Control	<8.0.32-1ubuntu1.3
M Access Restriction Bypass	<8.0.32-1ubuntu1.3
M Link Following	<8.0.32-1ubuntu1.3
M Improper Input Validation	<8.0.32-1ubuntu1.3
M Improper Input Validation	<8.0.32-1ubuntu1.2
L Improper Access Control	<8.0.32-1ubuntu1.3
M Improper Input Validation	<8.0.32-1ubuntu1.1

Vulnerability

Vulnerable Version

Time-of-check Time-of-use (TOCTOU)

<8.0.32-1ubuntu1.13+esm1

Missing Release of Resource after Effective Lifetime