Back to bug 1397484
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-11-22 16:00:45 UTC | Blocks | 1397488 | |
| Adam Mariš | 2016-11-22 16:08:00 UTC | Depends On | 1397493 | |
| Adam Mariš | 2016-11-22 16:08:16 UTC | Depends On | 1397495 | |
| Adam Mariš | 2016-11-22 16:08:29 UTC | Depends On | 1397496 | |
| Jason Shepherd | 2016-11-23 04:08:11 UTC | Blocks | 1397645 | |
| Timothy Walsh | 2016-11-24 10:46:37 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=new,jbews-2/tomcat7=new,jbews-2/tomcat6=new,eap-6/tomcat7=new,jws-3/tomcat7=new,jdg-6/jbossweb=new,jdv-6/jbossweb=new,eap-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-2/tomcat6=affected,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2016-11-24 10:50:34 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-2/tomcat6=affected,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2016-11-24 10:51:02 UTC | CC | huwang | |
| Timothy Walsh | 2016-11-24 10:52:54 UTC | Depends On | 1398253 | |
| Timothy Walsh | 2016-11-24 10:53:03 UTC | Depends On | 1398254 | |
| Timothy Walsh | 2016-11-24 10:56:48 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2016-11-24 10:58:51 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Horia Chiorean | 2016-11-24 11:02:14 UTC | CC | hchiorea | |
| Timothy Walsh | 2016-11-28 04:51:27 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=new,eap-6/jbossweb=new,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2016-11-28 04:53:53 UTC | Depends On | 1399014 | |
| Timothy Walsh | 2016-11-28 04:54:07 UTC | Depends On | 1399016 | |
| Masafumi Miura | 2016-12-01 01:39:57 UTC | CC | mmiura | |
| Yasuhiro Ozone | 2016-12-01 07:22:15 UTC | CC | yozone | |
| Apurbita Mukherjee | 2016-12-06 09:14:11 UTC | CC | apmukher | |
| Timothy Walsh | 2016-12-08 04:42:59 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-7/tomcat=new,rhel-6/tomcat6=new,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-7/tomcat=affected,rhel-6/tomcat6=affected,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2016-12-08 04:44:22 UTC | Depends On | 1402662 | |
| Timothy Walsh | 2016-12-08 04:44:26 UTC | Depends On | 1402663 | |
| Timothy Walsh | 2016-12-08 04:44:33 UTC | Depends On | 1402664 | |
| Timothy Walsh | 2016-12-08 04:44:37 UTC | Depends On | 1402665 | |
| Timothy Walsh | 2017-01-17 05:40:06 UTC | CC | hchiorea | |
| Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-7/tomcat=affected,rhel-6/tomcat6=affected,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-7/tomcat=affected,rhel-6/tomcat6=affected,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | ||
| Bharti Kundal | 2017-01-24 17:54:22 UTC | CC | bkundal | |
| Doc Text | It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. | |||
| Tomas Hoger | 2017-02-21 12:51:40 UTC | Doc Text | It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. | It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own. |
| Timothy Walsh | 2017-03-02 11:22:38 UTC | Blocks | 1428325 | |
| Tomas Hoger | 2017-03-09 14:09:23 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-7/tomcat=affected,rhel-6/tomcat6=affected,dts-3.1/devtoolset-3-tomcat=new,rhscl-2/rh-java-common-tomcat=new,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Timothy Walsh | 2017-03-16 11:22:04 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=affected,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Tomas Hoger | 2017-03-16 12:41:40 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=affected,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected |
| Radim Hatlapatka | 2017-03-30 18:43:21 UTC | CC | rhatlapa, sdouglas | |
| Pavel Polischouk | 2017-04-05 14:51:28 UTC | CC | psotirop | |
| Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | ||
| Jason Shepherd | 2017-04-20 23:33:29 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
| Jason Shepherd | 2017-04-20 23:34:56 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
| Doran Moppert | 2017-05-03 05:19:17 UTC | Blocks | 1415638 | |
| Doran Moppert | 2017-05-03 06:08:42 UTC | Blocks | 1415638 | |
| Pedro Sampaio | 2017-08-16 19:40:10 UTC | Blocks | 1482229 | |
| Chess Hazlett | 2017-12-05 20:12:26 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix | impact=moderate,public=20161122,reported=20161121,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
| PnT Account Manager | 2017-12-07 23:59:10 UTC | CC | felias | |
| Chess Hazlett | 2017-12-08 19:24:10 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161121,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix | impact=moderate,public=20161122,reported=20161121,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=wontfix,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
| PnT Account Manager | 2018-01-30 20:40:45 UTC | CC | hchiorea | |
| PnT Account Manager | 2018-02-06 19:24:51 UTC | CC | hfnukal | |
| Viliam Križan | 2018-02-12 10:33:57 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161121,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=wontfix,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=wontfix,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
| PnT Account Manager | 2018-03-05 15:36:24 UTC | CC | rhatlapa | |
| PnT Account Manager | 2018-05-10 18:19:07 UTC | CC | pavelp | |
| Patrick van Staveren | 2018-05-10 18:48:26 UTC | CC | trick | |
| PnT Account Manager | 2018-10-19 21:38:36 UTC | CC | bkundal | |
| Product Security DevOps Team | 2019-06-08 03:02:35 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 03:02:35 UTC | |||
| Product Security DevOps Team | 2019-09-29 14:00:54 UTC | Whiteboard | impact=moderate,public=20161122,reported=20161122,source=internet,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N,cwe=CWE-444,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=wontfix,rhel-6/tomcat6=affected,rhel-7/tomcat=affected,dts-3.1/devtoolset-3-tomcat=notaffected,rhscl-2/rh-java-common-tomcat=notaffected,jws-3/tomcat8=affected,jbews-2/tomcat7=affected,jbews-3/tomcat7=defer,jbews-3/tomcat8=defer,jbews-2/tomcat6=affected,eap-5/jbossweb=wontfix,eap-6/jbossweb=affected,jws-3/tomcat7=affected,jdg-6/jbossweb=wontfix,jdv-6/jbossweb=wontfix,fuse-6/jbossweb=new,jpp-6/jbossweb=wontfix,openshift-1/jbossweb=affected,jon-3/Core Server=wontfix |
Back to bug 1397484