Security Update:The Apache Software Foundation has released 2 important security advisories to address vulnerabilities in Apache Tomcat
Date and Time
Apache Tomcat users
The Apache Software Foundation has released 2 important security advisories to address vulnerabilities in Apache Tomcat.
Advanced Users: For a complete description of the security advisory go to:
- CVE-2018-8037 Apache Tomcat - Information Disclosure at: http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/<20180722090623.GA92700%40minotaur.apache.org>
- CVE-2018-1336 Apache Tomcat - Denial of Service at: http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/<20180722090435.GA60759%40minotaur.apache.org>
- Apache Tomcat 9.0.0.M9 to 9.0.9
- Apache Tomcat 8.5.0 to 8.5.30
- Apache Tomcat 8.0.0.RC1 to 8.0.51
- Apache Tomcat 7.0.28 to 7.0.86
WHAT’S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to obtain sensitive information.
HOW DO I PROTECT MY WEB SITE
- Users and administrators are encouraged to review the Apache Security advisories listed above.
- IT Security - https://it.ucsf.edu/security