Vulnerability CVE-2012-0022 - CERT Civis.Net

Vulnerability Name:

CVE-2012-0022 (CCN-72425)

Assigned:

2011-12-07

Published:

2012-01-17

Updated:

2019-03-25

Summary:

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: BUGTRAQ
Type: UNKNOWN
20120117 [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service

Source: MITRE
Type: CNA
CVE-2012-0022

Source: CCN
Type: HP Security Bulletin HPSBUX02741 SSRT100728 rev.1
HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass

Source: CCN
Type: HP Security Bulletin HPSBMU02747 SSRT100771 rev.1
HP OpenView Network Node Manager (OV NNM) Running Apache Tomcat, Remote Denial of Service (DoS)

Source: HP
Type: UNKNOWN
SSRT100728

Source: HP
Type: UNKNOWN
SSRT100771

Source: HP
Type: UNKNOWN
HPSBUX02860

Source: CCN
Type: RHSA-2012-0074
Important: jbossweb security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0074

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0075

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0076

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0077

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0078

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0325

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0345

Source: CCN
Type: RHSA-2012-0474
Moderate: tomcat5 security update

Source: CCN
Type: RHSA-2012-0475
Moderate: tomcat6 security update

Source: CCN
Type: RHSA-2012-0679
Moderate: tomcat5 security and bug fix update

Source: CCN
Type: RHSA-2012-0680
Moderate: tomcat5 security and bug fix update

Source: CCN
Type: RHSA-2012-0681
Moderate: tomcat6 security and bug fix update

Source: CCN
Type: RHSA-2012-0682
Moderate: tomcat6 security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:1331

Source: CCN
Type: SA47903
HP-UX Apache Web Server Suite Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
48213

Source: CCN
Type: SA48444
VMware Multiple Products Multiple Vulnerabilities

Source: CCN
Type: SA48549
HP OpenView Network Node Manager Apache Tomcat Two Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
48549

Source: SECUNIA
Type: UNKNOWN
48790

Source: SECUNIA
Type: UNKNOWN
48791

Source: CCN
Type: SA50745
Oracle Solaris Apache Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
50863

Source: CCN
Type: SA51879
Oracle GoldenGate Veridata Apache Tomcat Denial of Service Vulnerability

Source: CCN
Type: SA51880
Oracle Management Pack for Oracle GoldenGate Apache Tomcat Denial of Service Vulnerability

Source: CCN
Type: SA55714
Juniper Network and Security Manager Apache Tomcat Weakness and Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-5.html

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CCN
Type: Apache Tomcat Web site
Important: Denial of service CVE-2012-0022

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-7.html

Source: CCN
Type: IBM Security Bulletin 1650482
IBM Tivoli Key Lifecycle Manager can be affected by multiple vulnerabilities in IBM Tivoli Integrated Portal (CVE-2013-0464, CVE-2012-3325, CVE-2011-4858)

Source: DEBIAN
Type: UNKNOWN
DSA-2401

Source: DEBIAN
Type: DSA-2401
tomcat6 -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:085

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2013:150

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update Advisory - January 2013

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

Source: BID
Type: UNKNOWN
51447

Source: CCN
Type: BID-51447
Apache Tomcat Parameter Handling Denial of Service Vulnerability

Source: CCN
Type: VMSA-2012-0005
VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

Source: CCN
Type: Oracle Security Blog, Sep 18, 2012
Multiple vulnerabilities in Oracle Java Web Console

Source: XF
Type: UNKNOWN
apache-tomcat-parameter-dos(72425)

Source: XF
Type: UNKNOWN
apache-tomcat-parameter-dos(72425)

Source: CCN
Type: JSA10600
Network and Security Manager: Apache Tomcat security update

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:16925

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:18934

Source: CCN
Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)
Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.34:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

AND

cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*

OR cpe:/o:sun:sunos:5.10:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:fusion_middleware:-:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_key_lifecycle_manager:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20120022	V	CVE-2012-0022	2022-05-20
oval:org.opensuse.security:def:34600	P	Security update for openexr (Moderate)	2021-12-01
oval:org.opensuse.security:def:32232	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:29442	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:33990	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:30125	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:30114	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:30113	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:34510	P	Security update for spice-vdagent (Moderate)	2021-08-17
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:33946	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:36312	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42719	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:33922	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:34453	P	Security update for shim (Important)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:30199	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:32088	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:29356	P	Security update for samba (Important)	2021-04-29
oval:org.opensuse.security:def:34668	P	Security update for opensc (Moderate)	2021-03-31
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:33777	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:34628	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:33883	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:33620	P	Security update for xen (Important)	2020-12-07
oval:org.opensuse.security:def:35613	P	mono-core-2.0.1-1.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35654	P	xpdf-tools-3.02-138.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:29145	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:34905	P	Security update for djvulibre (Low)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30420	P	Security update for xorg-x11-libXpm (Moderate)	2020-12-01
oval:org.opensuse.security:def:32444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30719	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34124	P	Security update for netpbm (Moderate)	2020-12-01
oval:org.opensuse.security:def:29584	P	Security update for Apache2	2020-12-01
oval:org.opensuse.security:def:32554	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33154	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30862	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:34355	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:29840	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:33275	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33245	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26491	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:31564	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31790	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:29941	P	Security update for openLDAP	2020-12-01
oval:org.opensuse.security:def:33532	P	Security update for xpdf	2020-12-01
oval:org.opensuse.security:def:26593	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29144	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:34866	P	Security update for cloud-init (Moderate)	2020-12-01
oval:org.opensuse.security:def:30331	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:33834	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:27310	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29225	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:32388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:34975	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:30564	P	Security update for poppler	2020-12-01
oval:org.opensuse.security:def:34123	P	Security update for net-snmp (Moderate)	2020-12-01
oval:org.opensuse.security:def:29499	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32532	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30823	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:34219	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29791	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33236	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33166	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26438	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:30926	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:31779	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29897	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33475	P	Security update for Mozilla	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:34817	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:30616	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:27275	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29156	P	Security update for libtirpc, rpcbind (Important)	2020-12-01
oval:org.opensuse.security:def:34931	P	Security update for fetchmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:25862	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:30477	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30774	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:34135	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:29737	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:32598	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:30882	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:31778	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29879	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:33380	P	Security update for compat-openssl097g (Moderate)	2020-12-01
oval:org.opensuse.security:def:26540	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34759	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:30579	P	Security update for mozilla-nspr, mozilla-nss	2020-12-01
oval:org.opensuse.security:def:26637	P	ruby on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:18934	V	HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities	2015-04-20
oval:org.mitre.oval:def:25819	P	SUSE-SU-2013:1374-1 -- Security update for tomcat6	2014-09-08
oval:org.mitre.oval:def:15018	P	USN-1359-1 -- Tomcat vulnerabilities	2014-06-30
oval:org.mitre.oval:def:15309	P	DSA-2401-1 tomcat6 -- several	2014-06-23
oval:org.mitre.oval:def:23745	P	ELSA-2012:0475: tomcat6 security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:23331	P	ELSA-2012:0474: tomcat5 security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:21312	P	RHSA-2012:0475: tomcat6 security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:21412	P	RHSA-2012:0474: tomcat5 security update (Moderate)	2014-02-24
oval:org.mitre.oval:def:20494	V	VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues	2014-01-20
oval:org.mitre.oval:def:16925	V	Vulnerability in the Management Pack for Oracle GoldenGate Server. Supported versions that are affected are 11.1.1.1.0.Vulnerability in the Oracle GoldenGate Veridata component of Oracle Fusion Middleware (subcomponent: Server). The supported version that is affected is 3.0.0.11.0. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle GoldenGate Veridata	2013-07-29
oval:com.redhat.rhsa:def:20120474	P	RHSA-2012:0474: tomcat5 security update (Moderate)	2012-04-11
oval:com.redhat.rhsa:def:20120475	P	RHSA-2012:0475: tomcat6 security update (Moderate)	2012-04-11
oval:com.ubuntu.precise:def:20120022000	V	CVE-2012-0022 on Ubuntu 12.04 LTS (precise) - medium.	2012-01-18