vulnerability
Amazon Linux AMI: CVE-2018-8034: Security patch for tomcat8 ((Multiple Advisories))
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Aug 1, 2018 | Aug 11, 2018 | Apr 16, 2020 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Aug 1, 2018
Added
Aug 11, 2018
Modified
Apr 16, 2020
Description
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
Solution(s)
amazon-linux-upgrade--tomcat80amazon-linux-upgrade-tomcat7amazon-linux-upgrade-tomcat8

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.