FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tomcat -- multiple vulnerabilities

Affected packages
tomcat < 6.0.47
tomcat7 < 7.0.72
tomcat8 < 8.0.37

Details

VuXML ID 3ae106e2-d521-11e6-ae1b-002590263bf5
Discovery 2016-10-27
Entry 2017-01-07
Modified 2017-03-18

The Apache Software Foundation reports:

Low: Unrestricted Access to Global Resources CVE-2016-6797

Low: Security Manager Bypass CVE-2016-6796

Low: System Property Disclosure CVE-2016-6794

Low: Security Manager Bypass CVE-2016-5018

Low: Timing Attack CVE-2016-0762

References

CVE Name CVE-2016-0762
CVE Name CVE-2016-5018
CVE Name CVE-2016-6794
CVE Name CVE-2016-6796
CVE Name CVE-2016-6797
URL http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.47
URL http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.72
URL http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.5_and_8.0.37